News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Yahoo Assisting Adverts thru Pushing Security Protocol

    Posted on prachtexemplar Comment on the AskWoody Lounge

    Home Forums Admin IT Lounge Yahoo Assisting Adverts thru Pushing Security Protocol

    This topic contains 8 replies, has 3 voices, and was last updated by

     prachtexemplar 2 months, 3 weeks ago.

    • Author
      Posts
    • #340962 Reply

      prachtexemplar
      AskWoody Lounger

      Not completely by accident I now have a series of screen grabs and then went ahead and stored all cookie information and then the URL history and so I have quite a collection to support my thinking that something could be very wrong here.

      Oh yeah, who’s the new owner of Yahoo?  That name belongs in the title, yes?

      Anyway, here’s the deal.

      I’m logging into a Yahoo email account and first thing I see is some new style advert about — well, let me just look at the last (same advert as first advert) screen grab — System Mechanic from Yahoo — never heard of that product before — and I don’t have the very first screen grab because I obviously didn’t know there was going to be trouble.  Well, I am thinking this is trouble.

      Enter my address into that address bar thingy and next I see the “Prove you’re not a robot” thingy and, by the way, another new style advert I have never seen before when logging into Yahoo.

      Now I was into that account at least two or three times this past week and I can prove that too because of other screen grabs not related to this, and so why would their software think I am a robot.

      Oh yes, the second new advert is for Yahoo Computer Checkup, and these are fancy new advert pages I have never seen before and I’ll bet we can get publicly available info whether this is the recent start of a new ad campaign.

      Okay, let me try and reduce words here and simply state I had to do the robot thingy twice and have 5 screen grabs of that and all pages had fancy new adverts and then screen grab number 6 shows that I entered the wrong password.  That advert is the same as the very first one and why I know what the advert at the beginning was for.

      Which reminds me the very first robot thingy was before I was asked for my password.  I didn’t grab a screen image for the window to enter a password, but I think I remember that was before the second robot thingy.

      My other file about URL history and cookies might show when that password page was placed before me.

      But I am seriously of the mind to think that robot thingy stuff was simply to force me to see the new adverts.

      Yep, I can well imagine that would be about impossible to prove unless some employee gave us some confidential information, but I want to ask if anyone has ever run into the same style in the past?

      And could that be illegal?  Or very close to illegal?

      And, Woody, I hope you don’t get in trouble with an advertiser because of my post here.

       

    • #340987 Reply

      Sueska
      AskWoody Plus

      I am seeing the same new ads on the yahoo login screen. I noticed that when I entered my username and pressed Enter on the keyboard, this action was equivalent to clicking the advertising button and not clicking the Next button as I would have expected. (Unfortunately I could not recreate this error – perhaps it was specific to one of the ads). After clicking the Next button, I could enter my password normally. If I entered a wrong password, I would be presented with another ad and eventually circle back to the first ad. I have not experienced the “prove you are not a robot”. It is possible that with too many wrong login attempts you might be presented with a “prove you are not a robot” dialog. I did not feel like anything wrongful was happening, but yes the ads are very frequent. Now one thing to be careful of is, confirm by looking in the address bar that are you at the legitimate yahoo mail login site. ( the address should begin with https://login.yahoo.com/…) Phishing sites may have the identical ads and login page of yahoo. Hope this is helpful.

    • #340996 Reply

      prachtexemplar
      AskWoody Lounger

      Sueska, I can assure you that I had not yet seen the page for entering the password before the first robot fire hydrant one showed up.  The second one for busses may have been triggered by the incorrect password being entered, except I don’t seem to remember that as a default style in the past for Yahoo.

      But the first time the robot thingy showed up I know all I had done was hit that “Next” box.

      I haven’t had time to study all the evidence I’ve collected, but I would bet a round at the pub that I will be able to prove that I hadn’t yet entered my password incorrectly the first time Yahoo mistook me for a dog and showed me where the fire hydrant was.

      As for the link I use to log in, I have been using that link safely for a fair bit and many times recently because of another project, hence the statement in my first post I can prove I have recently been into that account.

      But thank you for your interest, Sueska.

    • #340997 Reply

      Rick Corbett
      AskWoody_MVP

      I’ve just logged in to my Yahoo account and nothing is different except, perhaps, that from login dialog to first displayed Yahoo news page seems faster than usual.

    • #341243 Reply

      Sueska
      AskWoody Plus

      Yes, Yahoo may present CAPTCHAs. The following weblink indicates some reasons and how to overcome difficulties answering CAPTCHAS.
      https://help.yahoo.com/kb/SLN2662.html
      “Yahoo uses CAPTCHA verification to protect against spam or other unauthorized account access. By selecting the correct images, you verify you’re human and not a spam-sending computer.”
      “When you’ll encounter a CAPTCHA
      Creating a new Yahoo account.
      Performing too many failed sign in attempts.
      Forwarding messages (chain letters, jokes, etc.).
      Accessing your account from a new browser, computer, or location.
      Sending an email containing HTML, links, embedded graphics, attachments.”

      I remember a circumstance where a user’s email got blocked. Turned out they made a password change. Another one of their email program’s which they forgot about, still using the old/wrong password was repeatedly trying to connect. Another circumstance, where there was no password change, the email client was corrupted somehow and sending wrong password data. This happened back in the day when the password was sent clear text. You could see hieroglyphic like data being sent as the password. Not sure if helpful for your circumstance or not. The reasons  for email problems can sometimes be hard to track down.

    • #341399 Reply

      prachtexemplar
      AskWoody Lounger

      I should apologize, Sueska, for not properly wording the first post and causing you to misunderstand my intentions.

      I am purely speculating whether some ad genius came up with an idea to get more views of an ad on a page that Yahoo controls.

      I have no malware on my unit and it was not a fire hydrant presented to me for any sort of act I committed the last time I had logged into that account, or any act I committed while logging in that time just prior to when the first “Heh, You Be A Robot?” tool popped up.  And my unit’s OS was configured the same as before because I don’t let any nice company like MiniHard install an OS that does auto-updates and my IP address hadn’t changed.  The Yahoo anti-spy software was seeing the same information (Except the time; as I’m still working on my latest sun-manipulation program.) — the same information it had seen the previous 2, or 3, or more times in the previous few days as it was seeing that time I am writing about.

      Again, my apologies for not doing a good job writing that first post up there..

      But it is very kind of you, Sueska, to place the following quote in your last post:

      “Yahoo uses CAPTCHA verification to protect against spam or other unauthorized account access. By selecting the correct images, you verify you’re human and not a spam-sending computer.”

      Because I am speculating that somebody at Yahoo, or in the offices of their new owner’s advertising department, decided to use that neat fire hydrant for a purpose not intended when that tool was first deployed.

      But if I am correct, they will guard that information.  But if some eager new cyber-detective were to investigate this possibility, then that would be cool, so to speak.  No harm was done, so it wouldn’t be something any regulators would move to the top of their priority list, but it could be interesting from the aspect of allowing us to peek into the brain of some future hotshot in that company.  Or the advertising industry.  Bunches and bunches of currencies are being passed around throughout this Net World because of decisions made about advertising.  Obviously, a serious business.  And I think there is some regulation of the business.

      • #341634 Reply

        Sueska
        AskWoody Plus

        Thank you for your further explanation. I am understanding now. Yes, advertising is serious business indeed.

    • #346563 Reply

      prachtexemplar
      AskWoody Lounger

      Okey-dokey, I hope you folks will excuse my being late with this.  There is no doubt that the first challenge was presented to me before the password page was shown.  Here is the proof, along with extra information on the cookie files that are in my log, including those after the actual success of logging in; but only the Yahoo cookies, not the huge number that we get from that landing page before you get to your inbox.

      Anyway, the necessary log information is below:

      < < < < < Copy Starts > > > > >

      3/13/2019 8:19:31 AM ++ https://login.yahoo.com/ ++ Yahoo – login

      3/13/2019 8:20:06 AM ++ https://login.yahoo.com/account/challenge/recaptcha?authMechanism=primary&displa ++ Yahoo

      3/13/2019 8:22:30 AM ++ https://login.yahoo.com/account/challenge/password?authMechanism=primary&display ++ Yahoo

      3/13/2019 8:22:30 AM ++ https://login.yahoo.com/account/challenge/recaptcha?authMechanism=primary&displa ++ Yahoo

      3/13/2019 8:23:08 AM ++ https://mail.yahoo.com/neo/b/launch?.src=ym&reason=myc ++ Inbox (1424) – Yahoo Mail

      ……………………………………………………………………………………………………………………………………

      Web site            : consent.yahoo.com
      User                :
      Filename            : LV59PFFB.txt
      Size                : 115
      Hits                : 0
      Accessed Date       : 3/13/2019 8:22:24 AM
      Modified Date       : 3/13/2019 8:22:24 AM
      Created Date        : 3/13/2019 8:22:24 AM

      This cookie file contains one cookie:

      Key                 : CFC
      Value               : AQEAAQJciZBcmkMfiQSD&s=AQAAAFIQVyVj&g=XIg_Ow
      Domain              : consent.yahoo.com
      Modified Date       : 3/13/2019 8:22:24 AM
      Expiration Date     : 3/27/2019 8:22:25 AM
      Secure              : Yes
      Created In          : Server

      ……………………………………………………………………………………………………………………………………

      Web site            : mail.yahoo.com
      User                :
      Filename            : 1V4I6J19.txt
      Size                : 84
      Hits                : 0
      Accessed Date       : 3/13/2019 8:22:48 AM
      Modified Date       : 3/13/2019 8:22:48 AM
      Created Date        : 3/13/2019 8:22:48 AM

      This cookie file contains one cookie:

      Key                 : cmp
      Value               : t=1552432968&j=0
      Domain              : mail.yahoo.com
      Modified Date       : 3/13/2019 8:22:48 AM
      Expiration Date     : 3/12/2020 8:22:48 AM
      Secure              : No
      Created In          : Client

      ……………………………………………………………………………………………………………………………………

      Web site            : mail.yahoo.com/neo
      User                :
      Filename            : 9QFABGQS.txt
      Size                : 104
      Hits                : 0
      Accessed Date       : 3/13/2019 8:23:48 AM
      Modified Date       : 3/13/2019 8:23:48 AM
      Created Date        : 3/13/2019 8:23:48 AM

      This cookie file contains one cookie:

      Key                 : YM.NEO
      Value               : &width=1007&height=656&tz=-540
      Domain              : mail.yahoo.com/neo
      Modified Date       : 3/13/2019 8:23:48 AM
      Expiration Date     : 5/12/2019 8:23:48 AM
      Secure              : No
      Created In          : Client

      ……………………………………………………………………………………………………………………………………

      Web site            : yahoo.com
      User                :
      Filename            : QSGX1PN1.txt
      Size                : 681
      Hits                : 0
      Accessed Date       : 3/13/2019 8:24:15 AM
      Modified Date       : 3/13/2019 8:24:15 AM
      Created Date        : 3/13/2019 8:24:15 AM

      This cookie file contains 7 cookies:

      Key                 : B
      Value               : 1ol6fnde8gfg7&b=4&d=LjXsvd9pYF29bGh.RQ7H_WusHlJ1rD9yGKW_nlFt&s=ed&i=Sn5ZfDF0_Tgdvj0CdtUO
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:24:15 AM
      Expiration Date     : 3/12/2020 8:24:16 AM
      Secure              : No
      Created In          : Server

      Key                 : F
      Value               : d=NuFvdEw9vKczC7DrNszvxr8mSvO9KXmPXuZrCo9C_KksSnI-
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:23:53 AM
      Expiration Date     : 3/12/2020 8:23:54 AM
      Secure              : No
      Created In          : Server

      Key                 : PH
      Value               : fn=uEJF.QpfVS8Hxa4-&i=sg
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:22:15 AM
      Expiration Date     : 3/12/2020 8:22:16 AM
      Secure              : No
      Created In          : Server

      Key                 : AO
      Value               : u=1
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:22:15 AM
      Expiration Date     : 3/13/2039 4:37:35 AM
      Secure              : No
      Created In          : Server

      Key                 : GUCS
      Value               : AX00Vkvn
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:22:15 AM
      Expiration Date     : 3/13/2019 8:52:35 AM
      Secure              : Yes
      Created In          : Server

      Key                 : GUC
      Value               : AQEAAQJciYtcmkIfiQSD&s=AQAAAJQLUEum&g=XIg_Ow
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:22:24 AM
      Expiration Date     : 3/27/2019 8:22:25 AM
      Secure              : Yes
      Created In          : Server

      Key                 : ucs
      Value               : lnct=1552432962&lbit=1552432961
      Domain              : yahoo.com
      Modified Date       : 3/13/2019 8:22:42 AM
      Expiration Date     : 3/13/2020 8:22:42 AM
      Secure              : No
      Created In          : Client

      EDIT: My colleague was just giving me a hard time for not including the point that I do have the raw logs from which I drew that log information above, in case anyone might think I am fabricating evidence.  So that also means the data for when the raw logs were archived is also available.

       

       

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Yahoo Assisting Adverts thru Pushing Security Protocol

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel