Friday, 3 December 2010

Why you should sign off your Yahoo and Hotmail accounts before going to bed?

When I said one of my friend that she should log off from her yahoo and hotmail accounts before going to bed, she laughed and told "Don't talk like my mother. She always insist me to take a cup of milk before going to bed and now you are insisting on something else, an added job to me".

Well, she started following my advice after I shared the dangerous secrets going behind the unsigned off accounts. You too will, once when you know what I really mean.

I have an yahoo account whereas my husband uses hotmail account. We both had the bad habit of not signing off our accounts or shut down the system for long time, unless something messy happens and forces us to do so. One fine morning, my husband saw a lot of "Mail delivery failed" messages in his hotmail inbox. He was shocked as he didn't send any of those mails. The mail was sent to all the users in his address book. He felt so bad, because he had not only friends and family members in the list, but also few of his colleagues and ex-managers from previous companies he worked for. It took a long time for him to revert the things back, sending apology mails stating it was a virus mailing through his account. After this, the first thing he did was to download his address book from the hotmail account and later deleted the entire list from the online account, reset the password, done... done... done...

Everything went smooth for a while. But again a day dawn with lots of mail delivery failed messages. This time it was sent to hell lot of people whom we don't even know and never heard about those email ids. He got shocked and had no clue why this happened again. He didn't have time to invest and investigate the issue. He left it to me saying "It is up to you to find and fix it. I don't bother any more about that account, as I have none of my contacts in it".

I too didn't spend time in it and forgot about it for a while. One day I got a mail from Michael Dadona, my friend, saying that he received some virus mail from my yahoo account. Now, it is my turn, I thought. I cannot give it up easily as my husband did, as I use this id for a long time and most of my friends have this id to contact me. So, I started analysing the issue.

I did a step by step analyze like this.

1. Is my account got hacked?

No, it was not. Because I were able to change my password. I am still able to login and use it. So, it is not hacked.

2. Did I give permission to some third parties to use?

No, I didn't. I am not into any third party business. I am just what I am, using id for mailing friends and chatting, just like millions of other people doing.

3. Did I share my password with anyone?

No, I didn't. Not even with my husband (oh, my sweet guy don't even bother to listen, even if I wish to share).

So, where it went wrong? How some one is able to get into our accounts and mail someone and slip off silently? If they were able to get into the account, why didn't they change the password and use it permanently?

Now, this sparkled something in my mind and came the secret in my hand.

When you don't sign off from your account and leave it idle for more than 2 or 3 hours, your account is identified as in "Sleeping Mode" by the intruders, who silently get into your account by wired method (which is also a weird method). It is just like leaving your front door open and going to bed. Anyone can get into it. They cannot do this when you are active and using the account.

So, once when your account is in sleep mode, intruders can enjoy using it, sending virus mails to their recipients as well as your recipients, read all your mails and do whatever they want and then get off from there.

Now, again the question comes. Why didn't they take the power of the account completely, ditching you out of your own account?
OK, here we go. To change your password, it will ask for the old password even if you had logged in, before changing into a new one. As I said, these intruders don't want to take any account in their hand. They just want to have some fun and misuse others belongings, sometimes blessed to have some crucial details like bank accounts and other passwords.

So, now what do you say? Want to sign off before going to bed or just have nice good morning just like we had?

1 comment:

Mike said...

I strongly and firmly believe this blog post will be receiving more traffic in short time because you've included the important basic thing as a checklist "I did a step by step analyze like this." for readers to take it as "MUST DO" for assurance before going to the next phase of analyzation.

Me too, taking your shares as an abounding note as I like much any kind of sharing sourced from profound learning and prolific practice done by oneself towards getting solutions.

When we do talking about an email account related to malicious activity hack-hacker-hacking, scam-scammer-scamming, and also phish-phisher-phishing are actually we are basically conversing about data terminal and its "live" networks.

I agree with your explanation on "sleep mode" be the great reason for where it began, I mean it's at high possibility especially when "intruders" found that specific account has more than 200 contacts.

Another source which not many write up about it is when we've signed up to a site with "sweet" notice for "We don't share or sell to any third party your email address". This is the silent "killer" point as a root of unnecessary devil.

Last time, I received an email from Facebook Team, was asking me to change password completely with words of these.....(I forgot the actual sentence but I'll share from what I understood about it);

"We found you've used the same password to many sites"

I love reading every word said or typed or published because in my self-nature-nurture learning process I must differentiate between what is a definition and what is a meaning.

So, what does it mean? The words for "We found" really pushed me to somewhat. Meaning that, only geek has the keyboard typing reader! or things related to it.


So, the only way to prevent this type of "event" and this is my slf-learning about it is to regularly change password. Thing which I really hate to do, previously.


If you want to detect physical location of your email sender, you can visit this site "didtheyreadit".

Not just the origin of their data terminal, but also you know when they opened up your sent email.

Thank you, Mythili Kannan for providing this good post as a great chance for me to interact with your talking words.