How can we improve New Mail?

MAJOR SECURITY THREAT on mail.yahoo.com

You have a security exploit on the mail.yahoo.com website. It is in the ad-generator portion of the page, which you lease/sell to third party vendors. The ad vendors are able to place malware into the ad code, so during an ad refresh on the page, it redirects the whole page to a malware/"click here to close"/virus website. THIS IS A MAJOR SECURITY THREAT. it tracks across 4 browsers (Edge, Firefox, Chrome, Safari) and 3 operating systems. The flaw is in mail.yahoo.com...not the end-user. You can fix this in server side/client side coding if you have a good coder who puts sniffers in the ad streaming between the web user and the ad ware streaming service to block popup code and redirect code. Please fix it. others are claiming non-secure rebrand of mail.yahoo.com. watch for malware on the yahoo servers themselves.

172nd ranked
Sign in
Signed in as (Sign out)

We’ll send you updates on this idea

Richard Jensen PE shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

9 comments

Sign in
Signed in as (Sign out)
Submitting...
  • Sadat Taheri commented  ·   ·  Flag as inappropriate

    I just received 2 email threaten me that if I don't update my Yahoo they will close of my account and also mentioned it has been proceeded. Along with email the attached a file. I should say they used Yahoo symbol.

  • stephen pardoe commented  ·   ·  Flag as inappropriate

    Sorry but that was an unthinking reply from the Yahoo Admins asking for an example add.
    Richard said ALL Adds in ALL Areas, and I agree.
    So just choose ANY add to test from ANY of your Test Yahoo accounts.

  • Matthew Rich commented  ·   ·  Flag as inappropriate
  • Attila Mezei-Horváti commented  ·   ·  Flag as inappropriate

    I am experiencing the same malware issue. Very upsetting. I am debating if I should switch to other email provider that can offer a clean and secure web interface.

  • Robert Ramalho commented  ·   ·  Flag as inappropriate

    I am a Member of Resources 4 Me and I get several emails a week from you. Everytime I open a Link on your email pages I get a Harmful Site Warning from McAfee AntiVirus. I tried to log onto you Web Page from the Listings of your site and got the same Warning. I've Responded to your emails notifing you about this Situation. So far there has been no Responase from you reguarding this Issue. It would be Advisable for you to check out this Problem before someone's Computer get Infected from your Site.

  • Cosmo C commented  ·   ·  Flag as inappropriate

    I have also experienced this. Fortunately I know how to get rid of the pop up. The ads really need to go without having us pay yearly to not have them.

  • hwalter2001us commented  ·   ·  Flag as inappropriate

    Don't waste your time and energy telling yahoo they have a security problem, Yahoo is like the 3 monkeys (or is it the 3 stooges?)... well in either case ..... yahoo doesn't give a rat's tail about any security problems. They would rather spend their time making their products look like Google (the sincerest form of flattery is imitation).

    In 2012 Yahoo was made aware of a security issue - their "fix-it" advise... change your password!
    No changes made on their end. Over 400,000 accounts got hacked & I was one of those 400,000. I wrote emails to Yahoo, posted on Facebook, I wrote on yahoo's support pages so many times - I bothered them so much they closed my account. Too funny, like the little Dutch Boy, rather than plug the hole in the dam, Yahoo's answer was to plug their ears with cotton so as not to hear the water as it was bursting through the dam.

    Repeat the above paragraph and replace the year 2012 with the year 2013, and again repeat the above paragraph for the years 2014, 2015, and 2016 and this is the year that Congress finally got involved.

    By October 2017 yahoo finally publically admits that ALL 3 billion of yahoo user accounts have been hacked and victims of id thieves. ALL, EVERYONE that has or had a yahoo account their personal info was being sold on the dark-web.

    1) The Senate Commerce Committee had to subpoena (ex yahoo)CEO Mayer and compel her to appear and testify before she would admit any wrongdoing and 2) If it had not been for Verizon going over-the-books (figure of speech) Yahoo user info would still be available for sale on the darknet.

    So my advice is to start writing your Congressman/woman and letting them know that Yahoo is at it again because Yahoo didn't listen to its users back in 2010 (the first email I sent to Yahoo about hacking my mail account) what the **** makes you think Yahoo is going to listen to any user now? Just because Verizon is at the helm?? Remember Verizon are the ppl that willing gave all our info to the NSA (guess the Boston marathon bomber, the under-wear bomber etc. were not Verizon customers).

Feedback and Knowledge Base