Yahoo! Inc. acronym for “Yet Another Hierarchical Officious Oracle” (Gil P.) is an American multinational Internet corporation with headquarters in Sunnyvale, California. It was founded in January 1994 by Jerry Yang and David Filo and incorporated on 1st March 1995. Its present CEO and President from July 17, 2012 is Marissa Mayer (Pariroth N.,2012). It’s services include Web Portal, Yahoo Search, Yahoo Groups, Yahoo Directory, Yahoo News, Yahoo Finance, Yahoo Answers, online mapping, fantasy sports and Yahoo mail which is a free email service launched in 1997, and Yahoo Mail was the third-largest web-based email service with 281 million users as of December 2012 (Molla ...view middle of the document...
We were recently informed of an online video that demonstrated vulnerability. We confirm that the vulnerability has been fixed. In addition, we are investigating recent reports of increased abusive traffic and will work diligently to fix any vulnerabilities that are found. Concerned users are encouraged to change their passwords to a safe password that combines letters, numbers and symbols.” (Protalinski,2013)
A cross site scripting (XSS) vulnerability has led to Yahoo mail hackings and has made Yahoo lose some of its users.
More than 50% of yahoo mail holders are affected by the vulnerability
Internet security experts said criminals had used an international network of hijacked computers to mount the attacks on Yahoo!
Attacks typically consist of Yahoo users receiving an email from a friend or colleague (and sometimes a completely unknown party) containing a link that if clicked on, results in the account being hijacked. Some say their hijacked accounts send emails to select individuals, others report they get sent to all their contacts, and one even noted that they went out to “anyone I had ever received and/or sent a message to”( Protalinski,2013)
Many Yahoo Email individual and company users have abandoned yahoo services. The account vulnerability to hacking concerns has led a British telecom company to stop using Yahoo Mail as the default email service for its 6 million customers.
Yahoo relies heavily on maintaining its email users to generate advertising revenue therefore this loss of clients could be a troubling sign for the company. Yahoo is now the third-largest email provider after Google’s Gmail and Microsoft’s Outlook.com. (Smith,2013)
This email hijack could also be the reason why yahoo market share has currently dropped to 12.2 percent compared to Google’s 66.7%. (Marse,2013)
Many people also now prefer surfing through Google than yahoo causing a drop in Yahoo’s traffic at an alarming rate.
A senior adviser at the security firm Sophos, named Chester Wisniewski, said Yahoo's hacking problem stems from the company's choice not to implement two-factor authentication -- a feature that sends additional one-time passwords to users' cell phones to make their online accounts more difficult to hack, like Gmail and Outlook.com. "Yahoo is the only one that doesn't have the ability to warn you that somebody else has accessed your account," Wisniewski said. (Smith,2013)
1.2 APPROACHES BY YAHOO
S- SOLUTION or APPROACH
They fixed the vulnerability by making amends on the DOM-based XSS vulnerability on all versions of the site. (Wheatley,2013).
They have also unveiled a redesign of Yahoo Mail, making it more user-friendly and sleek.
Yahoo are implementing safeguards and encouraging users to protect their accounts by using strong passwords, anti-virus software and avoiding clicking on malicious links, says Yahoo spokeswoman Caroline Macleod-Smith. She also said they are actively monitoring accounts for...