ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

How Did My Email Account Get Hacked? Yahoo Gmail Hotmail AOL Comcast

Updated on June 19, 2013

I have written a series of articles on Yahoo email Hacks, Gmail Email Hacking and Hotmail Email Break-ins. I began this series after my traumatic incident with my email account being hacked. As I wrote about before, my experience was terrible. I logged into my email account to discover an inbox filled with rebounded messages. It was very confusing at first. I never suspected I would be a victim of an email hack, but the culprit managed to find their way in… and send hundreds – to- thousands of embarrassing email spam to my friends, family, acquaintances’ and Lord knows who else. Here’s a screenshot of how my Inbox looked:

I was able to discover I was hacked when I logged into my Yahoo dashboard and saw an unauthorized user from overseas accessed my email only moments prior to the flood of rebound messages:

I then followed the directions I wrote about in my Yahoo Email Hack article to prevent future hacks, but that didn't stop me from wanting to find out HOW someone from overseas was able to access my email. So I began researching.


In my case, I hadn't given my password out to anyone and I was able to obtain a list of the Most Common Passwords:

Image compliments of
Image compliments of

my password was not on this list, nor even close to anything on this list. So I continued to hunt.

Yahoo Email Hacks Skyrocketing For "Unknown Reasons"

According to The Next Web, Yahoo has reported giant amounts of email compromises in 2013. Yahoo does not have an explanation for the email hacks, but what is interesting about this article is that numerous people who are somewhat web-savvy have pointed out that their situation matches mine: the hack occurred without being a fault of the user. (For example, the user did not click spam links). With the quantity of people reporting they did not take actions that would cause their email to be hijacked, it appears the issue is on the Yahoo-side of the fence.

So how can one prevent a hack that is not their own fault? Some email providers, such as Yahoo, allow the user to create a Sign-in Certificate. You can also set up your email to make you enter a text message code if the IP address is suspicious. This means the user cannot enter until they get the SMS text message then enter the correct code; which is impossible unless they have access to reading your texts.

But lets say you don't use Yahoo or you aren't convinced that an "unknown problem" (on Yahoos side) is the answer...


I wrote about this in my Hotmail Hack article. Many of us have friends, coworkers or acquaintances who like to send us "funny stuff" (or motivational stuff), perhaps you are one of the people that send these fun things, or perhaps you simply Forward them to your friends. But what you don't realize is that every email listed on the SEND TO is at risk of spam and and a potential hack.

So lets say your friend sends 50 people the joke email. Then each of those 50 people forward it to another 20 people; that's 1,050 email addresses that all have potential of being hacked if only ONE gets compromised.

Like I said in my other article; there's alternatives you can use if you like to send jokes or other non-important information often, such as starting a private Facebook group.


Theres millions of things you can sign up for using your email address; from free cell phone apps to mailing lists for coupons to in-store promotions. The best thing to do is to create a secondary account for everything you sign up for; that way, if the secondary account gets compromised, there's no personal information in it. BE SURE TO USE A DIFFERENT PASSWORD.


If you get instant messenger / chat requests from unknown individuals, do NOT accept them nor respond to them. Hackers are able to obtain your IP address, port information and other information within seconds of you responding.

If you receive an instant messenger request from someone you believe is a friend, shoot them a quick text message or phone call to verify that they are the one who is trying to add you and NOT a hacker. In one case, my friend had his cell phone stolen. The phone allowed a local individual to access his connected email, including his instant messenger account. This individual then began contacting people through messenger and pretending to be my friend.


It's quite possible your computer has a virus and you are unaware. You may not have done anything to get a virus. In my case, it's very possible that my computer got a virus from allowing friends to use it. While I can control what links I click and what sites I view, I cannot control what a friend does while on my pc. To refer you back to the Yahoo article written by The Next Web that states, quote:

"...attackers have apparently been referencing a non-existent MSNBC news report in the email. The URL that is included (we’re not linking it here for obvious reasons) redirects to a fake MSNBC page that reportedly hijacks your Yahoo Mail account immediately if you are logged in."

All it takes is a friend or family member using your pc to view their email, then clicking this link.

Most Backdoor viruses go undetected until your computer goes haywire.


If you use the same password for your email account, social networking sites and other things; each time you use the same password, you run the risk of a hack. For example, if your Hotmail password is the same as your password for Facebook; should Facebook get hacked then your information is exposed.


As reported, "Man in The Middle" (Also known as MITM) attacks are simple and done right in front of you without you ever knowing. While you are kicking back at the local bistro and sipping your Caramel Latte, you log onto the Free WIFI. Meanwhile you have no idea that someone has set up their computer to act like a router. This tricks your computer into thinking that the computer actually IS the router. Then the REAL router thinks the culprits computer is your computer...but it is not... the culprits computer is "in the middle" of your computer and the real router, hence the name.


Another tricky way to get someone to click links is to annoy them with emails...with UNSUBSCRIBE links that aren't really to unsubscribe at all. So before you UNSUBSCRIBE to anything; instead use your MARK AS SPAM icon and have it sent to your trash folder. Now it will never annoy you again and you don't have to worry about clicking a dangerous link.


it is very important to look at all aspects of a hack situation, and the answer may not be what you were looking for. Unfortunately, anyone who has access to your computer can install a program that is called a Keylogger. (Keylogger viruses can also be installed by clicking links). A Keylogger program does exactly what the name is: it "logs" "keys", meaning, everything you type is recorded and visible to the "keylogger". Every key you type, from passwords to private emails is now recorded in a database, so-to-speak.

If you have a significant other, roommate, roommates friends or anyone that wants to read what you are typing on your PC, be very cautious.

A Keylogger program works like this:

Photo compliments of
Photo compliments of

This particular keylogger program is available for about $100.

A jealous or paranoid individual can easily place this onto your PC when you are not paying attention and "secretly" monitor all of your actions.


Removing a Keylogger will most likely require one of the two following:

1. Having your computer reformatted

2. Finding out where the Keylogger came from and contacting them. For example, if your computers HISTORY shows visits to a suspicious site, such as, you must contact them and they will immediately deactivate the account of the user. I wanted to see how they operated, so here's my correspondence with LIVE CHAT:


You are now chatting with 'Jaden'

Jaden: Welcome! So that I may better assist you, would you please tell me what you'd like to accomplish using our software?

you: I would actually like to remove the software, can you please tell me how?

Jaden: I am sorry but you are currently under our Sales Queue. To be able to assist you further for security purposes, please log in to your online account. Once you log in, just click on Help tab >>HELP STEPS>>then select Chat with an Operator (Option 2), that will take you to our Support Queue.

Jaden: Kindly use this link below to log in:


you: I did not download it, but it is my PC.

you: I would like to take it oss my PC immediately

you: *off*

Jaden: I see. If you believe someone has illegally placed our software on your computer, please click the link to access the necessary forms if a new window doesn't open for you.

Jaden: We can neither conform or deny the presence of our software until this crucial step is performed


you: Ok, I will fill out the form. Can you please tell me where I can locate the files on my PC

Jaden: Please fill out the form and send it in, the fraud team will be happy to assist you.

Jaden: We really do apologize but since the software runs invisible on the device, only by sending us the Fraud Form can help us identify and investigate further regarding any software illegally installed on any device.

you: Can you please explain how it runs undetected?

Jaden: By design, the software runs undetected once installed on the target machine.

you: But what does that mean? There has to be some form of file somewhere, correct?

Jaden: I'm sorry but we are prohibited from giving any support-related responses.

Jaden: We still need to investigate if the software has been installed on your machine.If the results of our investigation turn up an account, that account will be immediately deactivated.

you: I understand that. But I would like to remove all files immediately. I have no problem filling out your forms as well.

Jaden: You can reformat your machine that will remove all the programs illegally placed on your computer including WebWatcher.

you: I already contacted the local PC place, that was also their suggestion, but that requires me to pay $200 and potentially lose data.

- - - - - - - - - - - - - - - - - - - - - - - - - - - -

And that's where my conversation ended because I could tell I was getting nowhere.

Then I discovered that Keyloggers do not need to come in the form of programs. Check out the keyloggers below, available for sale on


Next please read WHAT TO DO AFTER YOUR EMAIL HAS BEEN HACK AND SPAM SENT. This article will explain practical ways to help you get over the embarrassment of your current situation.


Hopefully this article has added some insight as to who could have hacked your email and how you can prevent future hacks. Check out my other articles on this topic and be sure to take my poll below:


See results


    0 of 8192 characters used
    Post Comment

    • jabelufiroz profile image


      5 years ago from India

      It is good to share your experiences. Voted up.


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)