Once a spammer has an address to use, it is very difficult to stop it. It is very easy for spammers to fake or ‘spoof’ a sender’s address, and disguise the actual address from which the spam was sent.
Yahoo’s advice is to change your password, but there are several more security settings to change than just your password. This Help page has more information, stated clearly, with several links to clarify the steps.http://help.yahoo.com/kb/index?page=cont…
Give him this advice:
1. FIRST, check that the alternate e-mail address/mobile phone number is still yours, under Options, Mail Options, Account Information, but then change the alternate address! (so the hacker will not be notified of the change). Check the ‘Reply To:’ address as well to be sure it is still yours.
Then change both your password AND your secret questions and answers. Make the password a long, strong one with mixed characters! Length = Strength for passwords! Start with a sentence and make substitutions with numbers, symbols and punctuation. Go to “Update password-reset info” to change your Secret Questions and Answers. Make sure they are unchangeable, unique, and easy for you to remember. For a Yahoo account, you can change your password at https://edit.yahoo.com/config/change_pw. If you can no longer access your account, you can get a new password at https://edit.yahoo.com/forgotroot/.
See http://strongpasswordgenerator.com/ for more tips on creating a strong password(and what NOT to use)
If you used this password for other accounts, change them too – make every one different. Make the password much longer than 8 characters, with mixed symbols.
Usually, this is all you need to do, although mail will still be sent in the name of the old account for a short while – there’s nothing you can do about that. Once spammers have a valid address, they continue to use it, even after the account is closed/deleted!
2. *** If spam mail was sent to any of your contacts, apologize, and notify all your contacts NOT to open short e-mails, especially those with no subject, and definitely not to click any links. Warn them to change their passwords and scan for malware too, just in case. (The limit is 100 addresses per mail, and 200 per hour, but send to far fewer than that in each message, just in case you trigger Yahoo’s spam ‘suspicious activity’ detector.) Set up an alternate ‘alias’ account to use instead. This allows you to use a different address for sending, but still keep all saved mails and contacts and the first address active too for incoming mail. Your friends can trust this new address! There is a choice of address in an arrow in the From: box. Also add a signature to your mail so your friends will be sure the mail is really from you …http://edit.yahoo..com/config/list_alias (alternate address)
Answers is a Jungle
Once a spammer has an address to use, it is very difficult to stop it. It is very easy for spammers to fake or ‘spoof’ a sender’s address, and disguise the actual address from which the spam was sent.
Yahoo’s advice is to change your password, but there are several more security settings to change than just your password. This Help page has more information, stated clearly, with several links to clarify the steps.http://help.yahoo.com/kb/index?page=cont…
Give him this advice:
1. FIRST, check that the alternate e-mail address/mobile phone number is still yours, under Options, Mail Options, Account Information, but then change the alternate address! (so the hacker will not be notified of the change). Check the ‘Reply To:’ address as well to be sure it is still yours.
Then change both your password AND your secret questions and answers. Make the password a long, strong one with mixed characters! Length = Strength for passwords! Start with a sentence and make substitutions with numbers, symbols and punctuation. Go to “Update password-reset info” to change your Secret Questions and Answers. Make sure they are unchangeable, unique, and easy for you to remember. For a Yahoo account, you can change your password at https://edit.yahoo.com/config/change_pw. If you can no longer access your account, you can get a new password at https://edit.yahoo.com/forgotroot/.
See http://strongpasswordgenerator.com/ for more tips on creating a strong password(and what NOT to use)
If you used this password for other accounts, change them too – make every one different. Make the password much longer than 8 characters, with mixed symbols.
Usually, this is all you need to do, although mail will still be sent in the name of the old account for a short while – there’s nothing you can do about that. Once spammers have a valid address, they continue to use it, even after the account is closed/deleted!
2. *** If spam mail was sent to any of your contacts, apologize, and notify all your contacts NOT to open short e-mails, especially those with no subject, and definitely not to click any links. Warn them to change their passwords and scan for malware too, just in case. (The limit is 100 addresses per mail, and 200 per hour, but send to far fewer than that in each message, just in case you trigger Yahoo’s spam ‘suspicious activity’ detector.) Set up an alternate ‘alias’ account to use instead. This allows you to use a different address for sending, but still keep all saved mails and contacts and the first address active too for incoming mail. Your friends can trust this new address! There is a choice of address in an arrow in the From: box. Also add a signature to your mail so your friends will be sure the mail is really from you …http://edit.yahoo..com/config/list_alias (alternate address)
Answers is a Jungle
He has probably given his password to a fake page that came in his email. Now he will learn that you do not do this sort of thing.