Yahoo! Sign-in Seal, prevent phishing

[pradipudhaya]

Hey ppl.. I just opened yahoomail.com and i noticed this thing on top of the login box.. It creats an image or text on top of the login box.. ok yo ppl jus chk it out.. hehe... *protect.login.yahoo.com/login/set_pref/?faq=1#faq2 or jus open yahoomail.com .... yo'll know

 

[Thor]

Yahoo Inc. (Nasdaq:YHOO - news) on Tuesday said it's testing a sign-in seal that ensures subscribers they're visiting the Web portal and not a bogus site set-up by a phisher to steal personal information. ADVERTISEMENT

The security feature is being offered to a "fraction" of subscribers chosen at random, a Yahoo spokeswoman said. The service is expected to be rolled out gradually, and to become generally available in the "coming weeks."

The sign-in seal, which is created by the subscriber, is shown each time the user goes to a log-in page for a Yahoo service, whether it's email, the personalized homepage or music. The seal is associated with the person's computer, instead of an ID and password, because Yahoo believed it was better to show subscribers they're visiting a legitimate page before entering any personal information, the spokeswoman said.

Sign-in seals are being adopted by financial institutions as an anti-phishing measure for online banking. Bank of America, for example, uses the mechanism, but associates it with a person's ID and password.

In creating a Yahoo sign-in seal, subscribers have the option of creating a unique message, such as a street address, or uploading an image. Users also can choose a sign-in seal color.

Web portals, which also offer online shopping and other e-commerce services, have made security a focus to ease consumer concerns. In a study released last year, the Pew Internet & American Life Project found that 9 in 10 U.S. consumers had made at least one change in their online behavior because out of fear of spyware, viruses and other Internet threats.

For example, more than 80 percent of the 2,000 adults surveyed said they had stopped opening email attachments unless they were sure the documents were safe, and nearly half no longer visited Web sites that they feared might deliver unwanted programs.

SOURCE : *news.yahoo.com/s/cmp/192203159

-----------------------------------------------------
But I wud really like to know how r they going to implement it 4 those who access their account away from their Home/Work PC ?

 

[aadipa]

This is useful when you use yahoo services on a single PC.

You can upload some image/logo to yahoo server, and for every time there is yahoo sign-in box, that logo is displayed on top of sign in box.

Some sites may create pages which looks same as yahoo login, and when you sign in, the user name/password is sent to that server, not to yahoo. As with new seal, all yahoo sign in will have a logo, so it is easy to identify an authentic yahoo sign in page.

This service was activated few days ago.

 

[Thor]

Ok. I got it! Its not account specific, but PC specific. So any yahoo user at any PC can set up a Sign in Seal. hmm. I wonder, suppose a faux site sets up a seal , and a new user who doesn't know abt the sign in seal of that particular pc opens up the log in page ? He will surely think that the "faux" sign in seal is the real one!
Only way to avert is to query others who have in past used the same pc for signing in. What say u ?

 

[deepgeek2]

Hi, I got it too.
Got my baby cousin's picture for this.
@ Thor: Simple :Tell everyone who might use the PC for checking mails. At a home it maynot be difficult. In offices if you put the logo of competitors ;then just informing one person will ensure that the news spreads like wildfire....

 

[Thor]

[]. Ya it definitely wud. Again, spreading the knowledge is the key factor.

 

[tinku dhar]

doooo anyone know how to get BACK after yahoo id is BEEN hacked ....

 

[Thor]

U mean ur password has been changed by someone else ? Then there is a way,
while signing up with Yahoo Mail, u had given a Secondary mail account.
In their login page click the "Forgot" password link. They shall ask for ur id. Give it.
They shall mail the new password to ur secondary a.c . if u haven't given the secondary a/c while signing in. they Sorry!

 

[tinku dhar]

U mean ur password has been changed by someone else ? Then there is a way,
while signing up with Yahoo Mail, u had given a Secondary mail account.
In their login page click the "Forgot" password link. They shall ask for ur id. Give it.
They shall mail the new password to ur secondary a.c . if u haven't given the secondary a/c while signing in. they Sorry!

well mayn ...,

i have tried with tht also ... BUT noooo the HACKERs have done really very BADly ....

also i have written letter to DIGIT bout this with a SCREENSHOt but they have not helped me

 

[deepgeek2]

well mayn ...,

i have tried with tht also ... BUT noooo the HACKERs have done really very BADly ....

also i have written letter to DIGIT bout this with a SCREENSHOt but they have not helped me

Open a new id and complain to yahoo about this

 

[tinku dhar]

Open a new id and complain to yahoo about this

well mate ... ,

i have 1 but how suld i COMPLAIN also will they reply to my ????????????? complain ????????????????????????

 

[Thor]

Slim Chance! In the first place u have no way to prove that it was your id.

 

[tinku dhar]

Slim Chance! In the first place u have no way to prove that it was your id.

yaaaa but man if i give them the 1st password i used to have than ????????????????

also my BIRTHDAY etc etc

 

[Thor]

It is quite possible that the hacker has changed the Birtdate too. And u would be better served directly mailing Yahoo authorities abt it. Moreover chances r all ur mails hv already been read/deleted / vandalized !
So u wud be better of getting urself a new a/c.

 

[tinku dhar]

okkkkkkkkkkkkkkkkkk i will neva gonna USE YAHOO now

as i have send mail to them and they have not replied it also ... if possible gemme the yahoo mail's MAIN EMAIL id i will mail there bout this