Our Community Forum will be shutting down on June 27, 2024. Please visit att.com/support for all your support needs.
Protect yourself online
ATTU-verseCare's profile
Community Support

Community Support

 • 

6.7K Messages

Monday, April 10th, 2017 7:48 PM

Closed

Hack Attack: Internet & Email Security - Knowledge Share Wednesday, 04/26/17, 1-4pm ET

Hack Attack Int and Email.jpg

 

Long gone are the days that each of us feel comfortable leaving our front door open to our home. That applies even more so to our virtual home and identity on the internet. Join the conversation as we discuss and share knowledge on a topic that affects us all: Internet & Email Security.

 

Learn more about internet and email security here. Think your email was hacked? - Learn how to secure your email here.

*I am an AT&T employee, and the postings on this site are my own and don't necessarily represent AT&T's position, strategies or opinions.

Still need help? Ask a question! Our 1.4 million members typically respond within 1 hour.

1 Attachment

Employee

 • 

78 Messages

7 years ago


@miusername wrote:

Does ATT still trust Yahoo! to handle their customers' email?


@miusernameAT&T and Yahoo! continue to work as partners to provide the best possible customer experience. 

 

Tutor

 • 

8 Messages

7 years ago

Now that you mention it, I do recall seeing Service Host popping up near the
top of the list every once in a while. I think I'll try taking McAfee out
of Startup and enable Defender as you suggest. Seems like a quick way to
either suspect or eliminate McAfee. Thanks


Master

 • 

3.5K Messages

7 years ago


@Tigereyze209 wrote:

@ATTU-verseCare wrote:

Hi @Tigereyze209,

 

That is a good question. Both AT&T and Yahoo work together to ensure the E-mail functions properly.

it unclear.   I was mainly referring to legacy accounts in "free" status, and technically no longer entitled to in person support.. If their account is hacked, and the automated recovery options do not work, what are their options for account recover, if any?

 

As an ACE, I see a lot of posts in regards to this, and often, I honestly have no idea how to advise them.

 

Any feedback appreciated.


 


I'm curious about this too.  

This is/was an issue for Hotmail, GMail, and some others, and now they tend to "rather vigorously" pursue having you set up two-factor, for changing account credentials.

This puts the onus back on the user, which is the way it probably should be, although I admit the general public knowledge of just how two-factor works (it's really fairly simple, but often explanations get way too involved) is lacking, if almost non-existant.

Community Support

 • 

6.7K Messages

7 years ago


@Tigereyze209 wrote:

@ATTU-verseCare wrote:

Hi @Tigereyze209,

 

That is a good question. Both AT&T and Yahoo work together to ensure the E-mail functions properly.

 

As often happens, if an att customer who has an account that, for whatever reason, loses their password for, especiley the legacy accounts, who do they need to contact to see about getting that account reactivated? (Also, whatever information they might need to provide to verify ownership of that account.)

 

 Okay, I apologise. I can see I was a bit unclear.   I was mainly referring to legacy accounts in "free" status, and technically no longer entitled to in person support.. If their account is hacked, and the automated recovery options do not work, what are their options for account recover, if any?

 

As an ACE, I see a lot of posts in regards to this, and often, I honestly have no idea how to advise them.

 

Any feedback appreciated.


 


@Tigereyze209 Thank you for clarifying. Whether it is a paid or legacy account, it is still handled by the same team. Sadly, if the recovery options do not work and the account is not updated, there may be no way to help out. For security reasons, if the customer does not update their account, and only has the information from the recovery process on their account, but they do not know it, our hands our tied as well and there is no other forms of authentication. 

The best thing to advise is to link them to this article, which covers how to get back into the account and offers a number if they get stuck.

 

-ATTU-verseCare

Master

 • 

3.5K Messages

7 years ago

@Tigereyze209@ATTU-verseCare, I did find the Yahoo two-factor (not quite as nicely granular as hotmail/outlook.com, but still better) doc here:

https://help.yahoo.com/kb/SLN5013.html

 

If users did this, or were "heavily prompted" to do so, there would be FAR less issues like this, IMHO.  Of course that doesn't do much if you're trying to recover, and your phone has died or gotten changed or something, or maybe you're in a country where you can't readily receive a text message...
I have my two-factor set up with both a number AND another secondary email, to try to avoid the potential issue.

Former Employee

 • 

2 Messages

7 years ago

Adding two-factor authentication to your account really cuts down on the blatant hijacks, in terms of people gaining absolute control over your account.

@pgrey, Also, with two-factor authentication (where available) unless the person trying to access your account has your mobile device you've registered for the two-factor authentication method, they won't be able to get into your account, since a code is required, is unique and will be sent via text message to your device.

Professor

 • 

2.2K Messages

7 years ago

Email has and is an excellent form of non-verbal communications. However, when using email assume the worst and that is your email may be read by someone other than who you intended it for. Encrypting email content is a method that could be used to minimize exposure.

Master

 • 

3.5K Messages

7 years ago


@RossCS wrote:

Adding two-factor authentication to your account really cuts down on the blatant hijacks, in terms of people gaining absolute control over your account.

@pgrey, Also, with two-factor authentication (where available) unless the person trying to access your account has your mobile device you've registered for the two-factor authentication method, they won't be able to get into your account, since a code is required, is unique and will be sent via text message to your device.


Yep, 110%.  

The downside that's coming, is more and more are using apps or web-based texting (like the AT&T text backup and internet messaging), which can hose your two-factor protection, unless you have it protected (with a different password, and set to NOT keep you signed in, IMO).

It's a tricky world, getting more-so, hence my "double two-factor" setup ;-]

Master

 • 

3.5K Messages

7 years ago


@ApexRon wrote:

Email has and is an excellent form of non-verbal communications. However, when using email assume the worst and that is your email may be read by someone other than who you intended it for. Encrypting email content is a method that could be used to minimize exposure.


Yep, encrypted email is an excellent tool, although the standards around sharing the PSK (key for de-crypting) has never really solidified, IMO.  There are some out there, but very few follow them, and I've seen some really bright people (medical field included) struggle with how to do this, consistently.  Plus you need to "rotate" the key occasionally, or the same problems exist.

To be "actually secure" too, the PSK needs to come through a different transmission mechanism, such as a text message or similar, or retrieved, again through a secure portal or similar.  If you're sending the key un-encrypted, to the same email, your security is VERY low (although some might presume that it's good, obfuscation is VERY dangerous, IME).


This is why "secure portals" are good for this type of communication, like the AT&T messaging.  More of a hassle, but they can be highly secure, with minimal effort, and implemented across any array of devices, as long as they have a secure browser.

Professor

 • 

3.9K Messages

7 years ago

It has been a while since I checked up on this, but last time i did, two step verification was available for Yahoo accounts (in beta) but was NOT available for ATT e-mail accounts.

If this has changed, then cool. But as I said, unless it has changed, 2 step was not available to ATT accounts.

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.