Miss Manae,
Not to be the bearer of bad news, but with you saying your Yahoo! account was "hacked" (cracked really...but semantics aside) there are a few things you need to think about beyond just setting up a new account or issuing a warning about emails not being from you.
Thing is, all things considered, Yahoo! is rather secure, and not that easily cracked...which is a sort of double edged sword for you...means you shouldn't worry too much about security with a Yahoo! account...but also means how did you get got this time?
Can you still log into your Yahoo! account?
or has the passwords and such been changed?
If you can still log in that doesn't mean your Yahoo! account wasn't comprimised, just that they didn't change anything. If you can log into the account...change everything yourself now....anyway on to somethings to take care of or look into:
Did they actually "crack" your account?
or is it possible that your email address was just spoofed, so that it looked to be coming from your Yahoo! account when in reality it came from somewhere else entirely.
One way you can find out if your address was just spoofed is either have your friend, that received the nasty email in question, read the headers for the email, or he doesn't know how....or you would like to look at the yourself, have him send the email back to you...but DO NOT FORWARD IT....forwarding email chnages it to be from the person doing the forwarding, and attaching the forward as the body or a text attachment you would lose the information you need.
Instead if you want the mail, have him save it as a ".eml" file compress it (either .zip or .rar files) and send that as an attachment to you.
You can learn about email headers ,real and forged, here:
http://pobox.com/headers.mhtml
Now, if it was that your Yahoo! account was cracked, then you have to worry about how.
Was done through social engineering? Did you inadvertantly give someonne enough information to be able to figure out your password? or other information that was connected to your Yahoo! account. If so, you need to set up your new account with information completely different, and create a password that is more difficult, and that doesn't follow your regular convention of choosing a password.
Is it possible that your passowrd and account information was obtained through a keylogger or other monitoring software...if so, all your passwords are accessable, including the one for the new account.
You can try a few programs to see if perhaps you have malware on your computer:
http://www.emsisoft.com/en/software/free/
more for spyware but worth a shot and good to have:
http://www.safer-networking.org/en/index.html
After installing run these scanners in safe mode on your computer:
To boot into safe mode:
Restart your computer
as it is first starting up (screen still black maybe you here a post beep or fans running) start hitting "F5" repeatedly...
you will get a screen with boot options choose
"Safe Mode"
This will boot you into windows with just the barebones running.
Now in safe mode run the scans.
If either says it can't remove something because it is running and offers to scan at next boot, say "Yes".
After the scans are finished just reboot into windows as normal....if any scans are being done it may look like your computer is hanging...just give it time.
Run a firewall:
http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?lid=dbtopnav_zass
or
http://www.sygate.com/firewall/
these will help if the information was obtained by someone that doesn't have physical access to your computer.
If it is someone with physical access to your computer, things get a bit muddier.
To protect yourself in this instance, don't stay logged into your accounts, and don't let your browsers or other programs remember your passwords for you...always log yourself in, if you want to keep things like passwords and such on your computer consider good encryption software like GPG:
http://www.gnupg.org/
a lot like PGP, but in many ways better.
One more thing to protect yourself in the future (if you're running windows XP):
Set up a limited account that you sign into for day to day tasks, DO NOT use your admin account for day to day computer usage, save the Admin account for installing software and such...if someone gets to your machine, in person or online, if the account you are using is limited, they can't install their malware.
I do hope some of this is of help to you, if you have any questions I would be more than happy to assist.
(one other thing, I know in my last post I said I would leave the Pheonix boards...sorry, I can't not respond to tech and security issues, it's what I do... and as it turns out I really don't have a desire to use an alias at in a good situation or bad...so again, sorry to have offened with you having to see my username and all...I shall return to lurk-mode unless Miss Manae or someone else has any questions)