Cyber security officials are warning Yahoo users to refresh their account passwords immediately and change their security questions and answers. And don’t do it only on Yahoo but also on all of your other accounts that use information similar to your Yahoo account.
A 2013 hack of Yahoo accounts potentially stole the information of up to 3 billion users. That is triple the number of users Yahoo had first reported.
The company says scammers are now preying on users again with false email instructions of what to do after the breach that are, in turn, duping users again. Phishing emails are encouraging users to click on disguised links. Yahoo says its emails will not ask you to click on anything. They also said they will not send any attachments or request any personal information from users.
“The email from Yahoo about this issue will display the Yahoo icon Purple Y icon when viewed through the Yahoo website or Yahoo mail app,”
the company says on a FAQ section posted to its site. “Importantly, the email does not ask you to click on any links or contain attachments and does not request your personal information. … Avoid clicking on links or downloading attachments from such suspicious emails.”
Yahoo’s website also offers instructions on enabling two-step authentication for accounts to provide an extra level of security.
Hackers may try to use stolen passwords and security questions on a user’s other accounts. So security experts are urging users to change their passwords and security questions on any accounts that use similar information.
View more information on what to do in
Yahoo’s account security update FAQ.
Source: “If You Have a Yahoo Account, Do This Now,” USA Today (Oct. 3, 2017)