Yahoo is to begin warning users if they become the targets of state-sponsored hackers.
The company has become the latest Tech firm, behind Google, Facebook, Twitter, and others to warn users of state attacks.
“We’ll provide these specific notifications so that our users can take appropriate measures to protect their accounts and devices in light of these sophisticated attacks,” said newly appointed Yahoo chief information security officer, Bob Lord, in a blog post. He promised to notify users if it finds out that their Yahoo account may have been targeted by a state-sponsored hacker
Yahoo’s security team, commonly referred to as the “Paranoids,” will provide targeted users with “specific actions” they can take to make sure that their Yahoo accounts will be safe. This will ensure their Yahoo accounts are kept safe and restored as quickly as possible.
Yahoo’s new move is only the latest Tech Giant to offer such a service to its users. Google took some similar action in 2012 when it implemented its own stat hacker notification system into play. This occurred just a few short months after it pulled out of China after Google’s China offices were hacked by what was widely considered to be an attack by Chinese government sponsored hackers.
It also has echoes that reflect similar concerns from Facebook. State sponsored cyber attacks can be extremely advanced and pose a significantly higher risk than general hacking. This is why Yahoo have decided to join the rest of the gang and give users a dedicated alert so that immediate action can be taken to keep their account secure.
Yahoo says it will only serve these notifications when it has “a high degree of confidence” that an attack has been orchestrated by an outside government or state.
It was only earlier this week that Twitter itself also warned a number of users that their accounts had been targeted by state-sponsored attackers.
Bob Lord said in his blog post that Yahoo would follow a similar path.
“In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks,” said Lord. “However, rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence.”
Should you receive a notification by Yahoo, here are the actions that Yahoo recommend you take to keep yourself safe:
- Turn on Account Key or Two-Step Verification to approve or deny sign-in notifications, which grant or refuse access to your account.
- Choose a strong, unique Yahoo account password you’ve never shared or used before. Review our guidelines for creating a strong password and change your account’s password.
- Check that your account recovery information (phone number or alternate recovery email address) is up to date and that you still have access to them. Remove ones that you no longer have access to or don’t recognize.
- Check your mail forwarding and reply-to settings. Hackers could edit these settings to receive copies of emails you send or receive.
- Review your recent activity in your account settings for sessions you don’t recognize.