I am a victim as well and sending email back and forth with yahoo customer service for 4 days now. i even see my account being online on YM and when i send messages it will get off line.
I am just wondering..isnt that when i try to give my info on password retrieval page for several times and didnt get it right,it will then say the account is temporary accessible for 12 hrs.,would it be then an idea to just simply make the account unaccessible due to retrieveing password every 12 hrs so it will be unsusable for the one who phished it?or would it be unaccessible for the who hached it as well?