Yahoo is constantly appearing on tech headlines. But unfortunately, every Yahoo article seems to be about a security breach of some form or another. And Yahoo Mail appears to be particularly vulnerable to attack.
Well, yet another security flaw was discovered in Yahoo Mail this week – but unfortunately, it was found far too late to protect users. And to make matters worse, when Yahoo programmers attempted to fix the flaw, they only made it worse.
Will the security problem affect you?
The Yahoo Mail security problem works by executing a script through a malicious link sent by email. That link exploits a “cross-site scripting flaw” on the Yahoo mail website.
The result? The victim’s account is completely taken over because the attacker has harvested the victim’s Yahoo cookie. If all that went over your head, then it basically means that a hacker has stolen your Yahoo Mail account. And unfortunately, unless you contact Yahoo right away, you will probably never regain access to your account again.
Yahoo’s failure to fix the problem
No site is perfect, and a cross-site scripting flaw can occur on almost any website. But Yahoo recently tried to fix the problem only to have it blow up in their faces. Yahoo tried to fix the problem by installing XSS filters onto the server.
A week later, it was revealed that those XSS filters had provided little defense against attacks. In other words, Yahoo Mail and its users thought they were protected from the new attack, only to find out that they were still susceptible to it.
You can read more about Yahoo’s difficulties at the Offensive Security blog.
Better free email services than Yahoo Mail
So if Yahoo Mail isn’t safe, then what are the next best email services available today? Here are a few of the safest and most popular free email services available today:
-Gmail
-Hotmail
-Outlook.com (like a blend between Hotmail and Gmail)
There is really no reason to use any other free email service beyond those ones listed above. Those three have proven to be secure and they all take user information and privacy very seriously.
No matter what free mail service you use, you should avoid clicking on links sent from unknown sources. Regardless of what the email says, clicking on an unfamiliar link in your email inbox is always a bad idea.