Update on Yahoo! Xtra Email Issues
Update on Yahoo! Xtra Email Issues
11
February 2013
The Yahoo! Xtra email service appears to
have been targeted over recent days by two separate but
potentially related malicious attacks. These attacks are
believed to have similarly affected other Yahoo! mail users
utilising Yahoo!'s mail servers.
The first attack was a phishing attempt. Some Yahoo! Xtra email customers received emails purportedly from people they knew with a link to a suspicious website. If the customer clicked on the link, then similar emails would be sent to certain contacts on their address list.
In the second attack, we understand from our own technical investigations that the security of some Yahoo! Xtra email customer accounts may have been compromised, making it possible for emails to be sent from these accounts without the customers' knowledge.
At this stage, it is difficult to be definitive as to the number of Yahoo! Xtra mail accounts affected, but we believe it represents a small percentage of the total Yahoo! Xtra customer base.
As a precaution, we advise all our Yahoo! Xtra email customers to reset their email passwords by going to the following link:
www.telecom.co.nz/changepassword
While the password reset may not be necessary for the vast majority of customers, it is good practice to reset passwords regularly anyway.
As always, anyone who receives suspicious emails should delete them immediately without clicking any of the links contained in the email.
The security concerns do not affect other Telecom email services such as Officemail.
Telecom's CEO Retail, Chris Quin, said: "Telecom takes the online security of all its customers extremely seriously. For email services we rely on our partner Yahoo! which, as a global email provider, has very advanced and sophisticated security systems. Yahoo!'s systems screen out the vast majority of malicious and spam email, which accounts for more than 90% of total email traffic.
"But no system is 100% bullet proof, and as we have seen from this incident, cyber attacks by global criminals are becoming increasingly sophisticated.
"We are currently working with Yahoo! to investigate further. We would like to apologise to all our customers for any distress or inconvenience caused and assure them that we are doing all we can, in conjunction with Yahoo!, to resolve this incident."
- ends -