If you've received an email claiming to be from a trusted company, such as Yahoo! or PayPal, that asks for your password or other private information, you've likely received a spoof or phishing email. These emails typically contain links that appear to go to the official site, but actually link to a fake, or "spoofed," site.
If you receive phishing or spoof emails, here's what to do:
If you're uncertain about the email, do not reply to the sender or click any links in the email. Instead, you can type the site's address directly in the address bar of your browser to verify the request. Please note that Yahoo! will never ask you for your password in an unsolicited email or phone call, or ask you to send your password or credit card information by email.
To protect yourself in the future, create a Yahoo! sign-in seal, which is a secret message or image that you select to help protect your account. Your seal helps ensure that you're on an official Yahoo! site and not a fraudulent look-alike. Learn more.
Make sure your SpamGuard Plus settings are activated. Spamguard Plus automatically filters suspected spam to your Spam or Bulk folder. Learn how to check your SpamGuard Plus settings.
If you're using POP to check your Business Email, by default we won't download any suspected spam messages to your desktop email program. Make sure that spam filtering is enabled when you use POP.
If you find you're receiving many spoof or spam emails, make sure your catch-all mailbox is turned off.