YahooMail Is So Bad That Congress Just Banned It
By William Turton for Gizmodo
http://gizmodo.com/cyberattack-leads-to-a-yahoomail-ban-on-capitol-hill-1775851542
The solution is relatively easy. First and foremost, train the staff better. Then install Linux-based desktop machines and use a decent DNS service.
The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders.
When opening an attachment, Windows-based machines just look at the file extension. It says it's a JPEG, therefore it must be a JPEG - yeah right.
Linux machines will examine the content of the attachment and warn the user if it doesn't match the extension. Even if the user ignores the warning and opens the attachment, the worst that can happen is the machine gets infected locally. Naturally, the /home folder will be well backed up for just such occasions. This makes restoring the machine to working order very easy. This is a great example of why you should NEVER use your computer as /root, unless it's absolutely necessary.
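A content-versus-extension check of the kind described above, extended to look inside zip attachments for .js files, written as an added example (not code from the article or from any mail client or desktop). The magic-byte table, the extra script extensions and all function names are assumptions made for illustration.

```python
import io
import zipfile

# Leading "magic" bytes for a few attachment types (small illustrative table).
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".pdf": b"%PDF-",
    ".zip": b"PK\x03\x04",
}
# .js is the type named in the post; the other script extensions are an added assumption.
SCRIPT_EXTS = (".js", ".jse", ".vbs", ".wsf")


def ext_of(name):
    """Lower-cased final extension, so 'photo.jpg.js' is judged as '.js'."""
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""


def check_attachment(filename, data):
    """Return a list of warnings for one attachment; an empty list means nothing flagged."""
    warnings = []
    ext = ext_of(filename)
    if ext in SCRIPT_EXTS:
        warnings.append(f"{filename}: script attachment")
    magic = MAGIC.get(ext)
    if magic is not None and not data.startswith(magic):
        warnings.append(f"{filename}: content does not match {ext} extension")
    # Look inside zip archives whatever the extension claims.
    if data.startswith(MAGIC[".zip"]):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    if ext_of(member) in SCRIPT_EXTS:
                        warnings.append(f"{filename}: archive contains script {member}")
        except zipfile.BadZipFile:
            warnings.append(f"{filename}: unreadable zip archive")
    return warnings


def build_sample_zip(member_name, body):
    """Constructed sample input: a one-file zip built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, body)
    return buf.getvalue()
```

Calling `check_attachment("photo.jpg", build_sample_zip("invoice.js", "..."))` returns both the mismatch warning and the embedded-script warning.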
...“We take the security of our users very seriously, and we’re collaborating closely with House IT staff to ensure that they have the right solutions in place to best protect their accounts.”
Will they use the most cost-effective and the most logical solution? I seriously doubt it.