Several well-known tech giants have taken steps to warn customers of state-sponsored attacks on their accounts and now Yahoo has joined the bandwagon.
Bob Lord, Chief Information Security Officer at Yahoo, wrote in a blog post that the company is committed in protecting the safety and security of its customers and preventing unapproved access to users' accounts by unauthorized individuals or groups.
Yahoo has announced that it will notify users if the company suspects that account is a target of a state-sponsored hacker.
"We'll provide these specific notifications so that our users can take appropriate measures to protect their accounts and devices in light of these sophisticated attacks," wrote Lord.
What should you do if you get a warning that your account is a suspected target of state-sponsored hackers?
Yahoo recommends turning on Account Key or Two-Step Verification for approving or denying sign-in notifications that grants or refuses access to one's account.
Customers are also advised to select a unique and strong password for their account - one that has not been used on other accounts. Check out the guidelines laid down by Yahoo for creating strong passwords.
Recovery information about one's Yahoo account (alternate recovery email or phone number) should be correct, up-to date and accessible. That being said, unused recovery phone numbers or email addresses should be removed.
Reply-to and mail forwarding settings must be checked to prevent hackers from altering these settings to receive a copy of the emails users receive or send.
Lastly, customers are encouraged to review their account activity for any sessions they do not recognize.
A warning message does not mean that a Yahoo account has been compromised
Yahoo stresses that a warning message does not imply that an account was compromised by state-sponsored hackers. However, the alert is sent if Yahoo believes that a user is a suspect target and that they should take the necessary steps to protect their login credentials.
Yahoo also notes that this warning message does not mean that the company's internet security system has been compromised by hackers.
So how do customers know if an attack is state-sponsored?
"In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks. However, rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence," notes Yahoo.
State-sponsored cyber-attacks are done by hackers from foreign countries. These hackers are unable to crack government or corporate networks so they try to infiltrate into the personal accounts of employees of targeted organisations.
Some studies have found that employees may also access work-related portals from outside their work space such as from home, making it easier for hackers to approach their targets.
Facebook, Twitter and Google have also taken steps to warn customers if the company suspects that a user account is being targeted by state-sponsored hackers.
Photo: Yahoo | Flickr