Home arrow Email arrow General arrow Yahoo Fights Phishers with Seals
Yahoo Fights Phishers with Seals Print
Wednesday, 27 September 2006
Sometimes companies make small, but simple changes that offer additional security. This was the case with Yahoo! The company added a feature to their log in page that reduces your odds of password theft. You can personalize the page by adding a sign-in seal that links with your computer. The seal can be either text or a graphic. If you're a Yahoo! email or IM user, take 5 minutes to create your sign in seal.

The number of brands targeted by phishers set a monthly record at 154, according to the Anti-Phishing Working Group. Big brands such as Yahoo! make big targets. Phishers know that with these passwords, they can view your email or instant messages which might contain valuable information.

Instead of having a common login page that all Yahoo! members use and phishers can copy, Yahoo! lets you add a small graphic or text message. The idea is phishers won't know about your personal seal so you can easily distinguish between your page and their fake login page.

How to add a Sign-In seal to your Yahoo! login

1. Sign out of your Yahoo! account

2. Return to your Yahoo! page and click the Sign In link

3. Click the text Prevent Password Theft

Click-to-Enlarge
Click to Enlarge

You'll see a page that allows you to create a text seal or a graphic seal.

Click-to-Enlarge
Click to Enlarge

4. Click the radio button for your seal type. The page will expand to reflect your new options.

Click See more colors if you don't like the default selection.

Click-to-Enlarge
Click to Enlarge

5. For text seals, you can enter up to 21 characters. You're not required to fill in each text box.

For images, you can use .bmp, .gif or jpg file types. You are limited to 2MB.

6. Click the Preview button to see your seal.

7. Click Save This Seal to accept your settings.

8. Click OK on the small popup window.

If you wish to change your seal, log out and click your seal. This will take you to the settings page.

Removing Your Yahoo! Personal Seal

If you want to remove your personal seal,

1. Log out of Yahoo!

2. Return to your Login page

3. Click your personal seal

4. Click the Remove button in the Preview section.

Limitations of the Yahoo! Personal Seal

The main limitation is part of this security is dependant on cookies and a XML file written to your UserData folder. If you use multiple computers or browsers, you may need to repeat this process.

As example, I work with Mozilla Firefox and Microsoft Internet Explorer. Each browser sets different cookies and I had to repeat the steps. The same goes if you have more than one computer.

The FAQ section mentions two other items which may interfere. The first is if you're using a branded Yahoo! site such as those offered by some of the larger ISPs. Lastly, if you use any utilities that clean cookies, make sure you keep the Yahoo! ones.

Referenced Resources:

Anti-Phishing Working Group Report (July 2006) (PDF file)

Yahoo! Phishing Page

Related articles

Phishing for More
Last Updated ( Wednesday, 27 September 2006 )
 
[ Back ]