Anyone using sbcglobal.net EMail?

Someone that I know said that their EMail was hacked and that all of their EMail account contacts were deleted. The person said something like this:

I started doing some searches on this issue and found a lot of complaints from people with their EMail accounts being hacked. I also see that the reputation on WOT and some other ratings sites is quite Bad.

What have been your experiences with sbcglobal EMail?

Does sbcglobal's EMail display Ads which may be Malicious?

Thanks in Advance.

 

You pretty much have basic protection.

advertisements:
- yahoo main page (news, weather, etc.) displays adchoice* advertisements.
- no malicious advertisements within mail, even with browser addons off.

attachments:
- all messages/attachments are scanned when received/sent.
- you can restrict attachment size.

spam protection:
- create disposable e-mails, content filters, and use the unsubscribe app.
- unsubscribe works wonders on spam. The only issue is the app spams you with messages when its successful. I have these marked as spam, but you could also filter these messages. That way they show up in a specific folder or are blocked completely.

log-in protection:
- no two-factor authentication, as far as I'm aware.
- create custom sign-in seal. Suppose to spot phishing sites posing as yahoo.

Note:
I'm not sure there is any protection against malicious URLs. I'd presume these are flagged when messages are scanned and received, but I make it best practice not to open suspicious or unknown messages. If I receive an attachment from a friend. I generally shoot them a text to confirm authenticity before downloading. I've had no such problem myself, nor has anyone that I've helped setup. It's my understand that some of the folks getting hacked are using easy to guess passwords and security question answers. Your security question answers should be treated the same as an account passwords. It is fairly easy to make account changes if you can figure these things out.






I could be wrong, but I don't typically receive these types of links. And if I do, I make it practice not to open and view suspicous or unknown messages.



Any attachments/messages you receive/send are scanned. Beyond that, I'm not aware of any malicious advertisements, but that isn't a problem if you run an adblocker and/or noscript/request policy. I don't permit anything to auto-execute. I'm not aware of any protection against malicious URLs.

 

The domain sbcglobal.net itself is part of AT&T. The current AT&T was actually the former Southwestern Bell Corporation (SBC), which was one of the Regional Holding Companies (or "baby-bells") that the AT&T Corporation was broken into in 1984. As a regional, local phone operator SBC actually became larger than the long-distance carrier piece which retained the AT&T name. SBC eventually merged with (but really more "bought out") the long-distance carrier and chose to use the AT&T name, as it was much more well known internationally.

AT&T basically outsources their email operations to Yahoo. So, the actual web interface for sbcglobal.net is http://att.yahoo.com and the IMAP server you would use is imap.mail.yahoo.com. There is no difference in security between sbcglobal.net and any other Yahoo! email domain. In general, I doubt that Yahoo would purposely or accidentally allow any advertisements that contained malicious URLs in, and of themselves. However, it's possible that there may be some "questionable" advertisers that once you've linked to their site, that they in turn may have malicious URLs somewhere on their site. In this case, I suspect that the affected user may be referring to being linked to http://www.beallsonline.com. At a glance, that site looks legitimate, and like they would not knowingly host any malware. Honestly, if hacked, I would lay my suspicions elsewhere.

Or it could have been that they clicked a link in an phishing email that looked like it was from Bealls... and they just associate that with their sbcglobal.net email account at Yahoo, even though you can't really hold the email provider responsible for not being able to screen every phishing email attack. If you look at any of the big email handlers -- gmail, hotmail, yahoo, etc -- they all get their accounts hammered with tons of spam, junk, and phishing attacks. In general, they each do a pretty good job of pruning out the crap, but they are more likely to dial their junk filters such that they risk more false negatives (allowing in junk) than false positives (filtering out valid email).

If the person is complaining about credit card fraud after using their account online at Bealls, you also can't discount that Bealls itself was the victim of hacking... and that they had all of their stored credit card accounts lifted from their servers. This happens more frequently to major retailers than you might think.