Yahoo! Mail Blog
The latest scoop on Yahoo! Mail product updates, new releases, bug fixes,

The Yahoo! Mail team and I have used this blog many times to keep you informed about how you can stay safe and protect your personal information on the Internet and in Yahoo! Mail. We’ve posted on the best ways to recognize and avoid phishing scams and how to avoid falling victim to lottery attacks. We also use several measures to help you protect your account information including secure login pages, the ability to set up a sign-in seal, and scanning attachments for viruses.

There is another threat that exists called the ‘cookie replay’ attack, where attackers gain access to your account using public WiFi networks. It is an industry wide issue that can affect any Web site including Yahoo! Mail. While this threat does exist, I have not heard of any of our users complaining about being a victim.

I try to be as safe as I can when online. Here are some things you should do to help protect you against this type of exploit:

• Always be cautious when accessing your email account when using public WiFi networks. Consider accessing your account only on secure networks.
• If you need to use public WiFi networks to access your email, use a POP email client to access your mail via SSL. Yahoo! Mail UK users have the ability to send and receive mail via email clients like Microsoft Outlook, Mozilla Thunderbird and others (our friends on the other side of the ‘pond’ will need to sign up for Mail Plus). Make sure to set up your client with SSL security for the best account security.
• Sign up to a personal VPN service (or, if they offer it, use your work’s VPN)

We feel strongly about offering you protections to safeguard your account. We are committed to developing solutions to tackle this industry wide security issue. And we hope to have a solution in sometime in 2010.

I will to keep you up-to-date on the progress of that solution. Until then, be smart when accessing your account via public WiFi networks. If you must access your email on a public WiFi network, try to use POP via SSL or a personal VPN client.

More general information on security can be found at http://security.yahoo.com, and for security tips for mail visit http://uk.antispam.yahoo.com/. As always, please feel free to contact our Customer Care team.

Read more »

A small fraction of Yahoo! Mail users may have experienced intermittent email issues earlier today, October 26, but the problem has now been resolved. We believe this was an isolated incident. We apologize for any inconvenience this may have caused. If you are still experiencing any problems with Yahoo! Mail, please contact our Customer Care Team.

Read more »

Today’s post comes from reader suggestion (who will have to remain anonymous, because I seem to have misplaced his email, ping, message from Facebook, LinkedIn etc.), who reminded me that, ‘with all of the fantastic new updates we’ve been releasing lately, like the new social features and Apps in Yahoo! Mail, we sometimes overlook the great features that have been around for ages.’ Features which make Yahoo! Mail the best (not just my opinion) email service around. One such feature is the ability to add an extra mail address to your Yahoo! Mail account.

You’ve got questions, I’ve got answers…

What is it?
An extra mail address is a second Yahoo! email address that is linked to your existing Yahoo! Mail account. It’s another email address, just like your primary one, that you can use to send and receive mail from, while using the exact same Inbox you’re used to. You can even make it the default address that you send email from if you want.

Why do I want one?
I can think of a number of things that you could use the extra mail address for. Here’s just a couple:

• Let’s say you’re looking for a new job. If you originally signed up for a mail address like barry_manilow_fan@yahoo.com, you might think twice about putting that at the top of your resume. You can create an extra mail address that is more appropriate for a job search or other business correspondence.
• Maybe you just want to have a second email address. There’s a great deal of convenience in being able to check for new mail without having to login and out of two separate accounts.

Sounds good, how do I get one?
It’s easy to set up and start using. From your Yahoo! Mail account click ‘Options’ then ‘Mail Options’ in the upper-right part of your Mailbox. From the Mail Options screen click ‘Accounts’ then ‘Add or edit an Account’. At the bottom of the new window click the ‘Get Started’ link under ‘Extra Mail Address’.

That sounds easy, but I’m still not sure. What else?

• You can easily send from this extra email address by selecting it from the pull-down menu when you compose a new message.
• You can sign in to your Yahoo! Mail (or anywhere else on Yahoo!) using the extra email address with your existing password.
• You can even make the extra email address the default for sending new mail. Just set it as the default in the ‘Mail Accounts’ section of Mail Options.

I really hope you try out this feature. If you get stuck, or want to find out more information about extra email addresses in Yahoo! Mail, take a look at our help pages.

Read more »

You might have noticed that we unveiled our new global marketing campaign. It includes a new video ad – ‘Anthem’ – that features the many ways that Yahoo! connects our users to the people and things that matter most to them. At the heart of the campaign is YOU and how you use Yahoo! to make the Internet your own.

BeCause Yahoo! Mail is all about you too, it now offers the ability to:

• Have your picture on your “What’s New” page and a complete profile http://profiles.yahoo.com
• Select and add useful apps you want in Yahoo! Mail. Click on the “+” button next to “Application” in the bottom left of Yahoo! Mail)
• See messages and updates from people you really care about right on your “What’s New” page

And we will continue to innovate and enhance Yahoo! Mail to make sure that we provide you with the Smartest Mail experience on the Internet.

Gregory Talon – Product Manager Yahoo! Mail Europe

Read more »

Yahoo! web lifestyle editor, Heather Cabot, was a guest on the Martha Stewart show last Friday. You might remember Heather from her appearance on The View from the Bay last year. Martha’s show on social networking and technology featured guests David Pogue from the New York Times and Biz Stone from Twitter. Heather was on to highlight how Yahoo! makes it easy to bring everything that matters to you in one place.

The beginning of Heather’s segment includes a tour of our newly designed Homepage. But I’m probably a little biased in thinking the best part was when Heather and Martha opened up Yahoo! Mail to highlight some of the open and social features that help you to be more productive and stay better connected. I have to agree with Martha that Picnik is a really great Yahoo! Mail App.

Here’s a link to the videos available from the show on Friday. http://www.marthastewart.com/show/the-martha-stewart-show/the-tech-show. Heather’s segment is number 4.

Read more »

It didn’t take long did it? You’ve read the reports from yesterday about email account information being posted online and all the stress that goes with worrying about your online safety. Already there are people out there trying to take advantage of the fact that you might be concerned whether or not you were one of the few people affected by the phishing attack. Phishing, for those of you unfamiliar with the term, is the act of trying to trick you into revealing your account and login information via a fake email or fake Website.

Here are some tips to help you identify phishing emails:

• Make sure the Web page address doesn’t have any misspellings or extra words (e.g. http://www.yah000.com, http://www.yahoo-members.com, or http://www.yahoo.BadGuyEnterprises.com) in it. When it doubt, go straight to http://www.yahoo.co.uk and log in from there.
• Be vigilant about anything that doesn’t look right on the page, such as typos, outdated content, or broken or missing pictures.
• Best idea: be sure to set up a customized “Sign-In seal” picture — instructions are at https://protect.login.yahoo.com/ – and never enter your password unless you see that picture on the page.

Just this morning we’re getting reports of a particularly well prepared email attempting to make you think that we are contacting you to verify your account information. In fact, this is nothing new. I’ve posted about this before. But this particular version of a phishing email has been very well produced and appears to look very official. So if you have received something like the screenshot below, this is not an email from Yahoo.

This one pictured above is a prime example of a phishing email, which uses a scare tactic to try to solicit you to send your account details and password. The one above is using the news stories from yesterday to lure you into clicking a link (the link in the email actually goes to some website that is not part of Yahoo) and giving your account details. Always be mindful of any Web page that requests your Yahoo! password (or any password for that matter).

So if you receive an email like the one above, don’t fall for it. Just delete it, or better yet, click the “Spam” button. It’s the quickest and easiest way to let us know that it’s spam.

Andrew – Yahoo! Mail Team

Read more »

Keeping you safe while you’re online is a top priority for us here at Yahoo!. One important part of your online safety is making sure that nobody else can access your Yahoo! Mail account without your permission, and the best way to do that is to make sure you choose a good password and make sure nobody else knows it or can easily guess it.

I know it can feel like a pain typing out a more detailed password, but none of us want to make it any easier for the bad guys.

My top advice is to be mindful of any Web page that requests your Yahoo! password. The #1 way people get their passwords stolen is by typing them into lookalike “phishing” web sites, pages that pretend to be Yahoo! or another trusted Web site but actually are run by the bad guys. Scrutinize carefully any page that requests your Yahoo! password. In addition:

• Make sure the Web page address doesn’t have any misspellings or extra words (e.g. http://www.yah000.com, http://www.yahoo-members.com, or http://www.yahoo.BadGuyEnterprises.com) in it. When it doubt, go straight to http://www.yahoo.com and log in from there.
• Be vigilant about anything that doesn’t look right on the page, such as typos, outdated content, or broken or missing pictures.
• Best idea: be sure to set up a customized “Sign-In seal” picture — instructions are at https://protect.login.yahoo.com/ — and never enter your password unless you see that picture on the page.

Here are a few more tips to help keep you safe online:

• Don’t use the same password on multiple sites. Your Yahoo! Mail account is important to you, so it deserves its own password. That way, if the unthinkable happens on another site, at least your Yahoo! mailbox remains secure.
• Never send your password over email. Yahoo! will never request your password from you in an e-mail; if you ever receive such a request, you should treat it as fraud. Do not pass “Go!” Instead immediately click the “Spam” button on that message.
• Protect yourself with a virus scanner. Another way passwords get stolen is from a virus that records your keystrokes. Don’t give the bad guys that option: There are a number of anti-virus companies that offer free versions or trial offers, including (in no particular order and with no specific endorsement implied) http://security.symantec.com , http://usa.kaspersky.com/downloads/free-virus-scanner.php, http://us.mcafee.com/root/downloads.asp?id=freeTrials, and http://www.avast.com/eng/avast_4_home.html.

Unfortunately there is no silver bullet against these criminals and con-men, but hopefully these tips will help us all keep the bad guys at bay.

Read more »

You may have heard or read about email accounts and their passwords being posted online. While I’ve read different versions of how the person(s) responsible was able to get the email account information, it was not a result of any insecurity at Yahoo! It looks to be a result of phishing attacks. Should you feel that one of your email accounts was affected by the recent publication, whether it is a Yahoo!, Hotmail or Gmail account, I would suggest changing your password as well as other account security information like secret questions and alternate email addresses.

We are aware that a limited number of Yahoo! IDs have been made public, it’s uncertain if any of those email/password combinations have resulted in any accounts being compromised. Online scams and phishing attacks are an ongoing and industry-wide issue and Yahoo! takes great effort to protect our users’ security.

We also have the following online resources that provide information and guidelines on email safety:
Our anti-spam site: http://antispam.yahoo.com/
With a phishing prevention sub-section: http://antispam.yahoo.com/phishing
Our help pages: http://help.yahoo.com/l/us/yahoo/mail/yahoomail/abuse/
And of course, I’ve posted a number of articles about online safety to this blog: Spotting phishing emails, how to spot online scams, avoiding the lottery scams, and account recovery help

Here are a couple FAQs that provide additional information:
Have accounts been compromised because of this?
We are unable to confirm whether accounts have been compromised at this time. However, we strongly suggest that consumers take caution in securing their email and other online accounts by regularly changing their passwords, and updating account security information.

What do I do if I think my account has been compromised?
You should change your password immediately. Also, if you are unable to enter your account, you can take steps to recover it here: https://edit.yahoo.com/forgotroot

We take online security seriously at Yahoo! We strive to make you and your Yahoo! account as safe as possible. Of course if you have any questions or issues with your account, please contact our Customer Care team.

Read more »

You may have heard or read about email accounts and their passwords being posted online. While I’ve read different versions of how the person(s) responsible was able to get the email account information, it was not a result of any insecurity at Yahoo! It looks to be a result of phishing attacks. Should you feel that one of your email accounts was affected by the recent publication, whether it is a Yahoo!, Hotmail or Gmail account, I would suggest changing your password as well as other account security information like secret questions and alternate email addresses.

We are aware that a limited number of Yahoo! IDs have been made public, it’s uncertain if any of those email/password combinations have resulted in any accounts being compromised. Online scams and phishing attacks are an ongoing and industry-wide issue and Yahoo! takes great effort to protect our users’ security.

We also have the following online resources that provide information and guidelines on email safety:
Our anti-spam site: http://uk.antispam.yahoo.com/
With a phishing prevention sub-section: http://uk.antispam.yahoo.com/phishing
Our help pages: http://help.yahoo.com/l/uk/yahoo/mail/yahoomail/abuse/ (phishing section at the bottom)
And of course, I’ve posted a bunch of articles about online safety to this blog: http://ymailuk.com/2009/05/05/keeping-your-account-safe-we-will-never-ask-for-your-password/
http://ymailuk.com/2009/02/06/top-tips-for-spotting-online-scams/
http://ymailuk.com/2008/05/07/spring-into-safety/

Here are a couple FAQs that provide additional information:
Have accounts been compromised because of this?
We are unable to confirm whether accounts have been compromised at this time. However, we strongly suggest that consumers take caution in securing their email and other online accounts by regularly changing their passwords, and updating account security information.

What do I do if I think my account has been compromised?
You should change your password immediately. Also, if you are unable to enter your account, you can take steps to recover it here: https://edit.yahoo.com/forgotroot

We take online security seriously at Yahoo! We strive to make you and your Yahoo! account as safe as possible. Of course if you have any questions or issues with your account, please contact our Customer Care team.

Andrew – Yahoo! Mail Team

Read more »

You might have noticed that we unveiled our new global marketing campaign yesterday. It includes a new video ad – ‘Anthem’ – that features the many ways that Yahoo! connects our users to the people and things that matter most to them. At the heart of the campaign is YOU and how you use Yahoo! to make the Internet your own.

Of course, as a proud member of the great team at Yahoo! Mail, I think nowhere is the spirit of YOU more personified than with Yahoo! Mail. With our new Mail we are helping you connect, share and do more than ever before right from within your Inbox. Our most recent improvements help you:

• see emails and updates from the people that matter most
• attach and upload files and photos of up to 25MB
• do more with useful apps (like editing photos, sending invitations) right from your Inbox

And we will continue to innovate and enhance Yahoo! Mail to make sure that we provide you with the best Mail experience on the Internet.

Read more »