That Danny!
If your friends and contacts have received an email or IM message from your Hotmail account with wording along the lines of “I would like to introduce a good company who trades mainly in electronic products… etc” – it is highly likely that your Hotmail account has been compromised.
IF YOU ARE THE POOR SOUL THIS HAPPENED TO, THEN YOU SHOULD READ ON AND FOLLOW THE INSTRUCTIONS AT THE BOTTOM OF THIS ARTICLE.
In most cases when a spam email is sent in your name to someone else, the spammer doesn’t need access to your account. All they need to do is spoof your email address – i.e. make it look like it was sent from you. That’s very simple to do, and is very common.
However, the latest spate of spam from Hotmail accounts is different in that the attackers actually hack into your Hotmail account and then do some or all of the following things:
- They send a spam email to all your contacts.
- They may send a spam IM message to all your Messenger contacts
- They may delete all your Hotmail contacts
- They may set your autoresponse (the one you set when you go away) to send this spam message
- They may set your email signature to include the spam message
You know that they have hacked into the account because you can see clearly that they have sent an email from it to all your contacts, or even an instant message. They would not be able to do this if they did not have access to the account.
HOW IT HAPPENS
I don’t have a definitive answer, but I do have a theory which, based on the evidence, looks likely. If your password is a common name or a word that appears in a dictionary, then your account is vulnerable, even if it has a year of birth or number attached to it.
This is how the hackers do it:
- They employ an automated script that is fed your Hotmail address and then goes to work./li>
- It feeds the entire dictionary and common passwords and names into Hotmail one by one, trying to log in.
- After several attempts Hotmail “locks” the account and present a CAPTHCA (i.e. a string of wonky letters and numbers that are supposed to stop scripts from doing exactly that, because only a human can read these letters, supposedly).
- Unfortunately the CAPTCHA method no longer stops scripts, because hackers have found ways around them. One of those ways works by using sophisticated character recognition software that can read the wonky letters. Another is to feed the letters to “CAPTHCA farms” – the letters are fed to human users, employed by the hackers to read and enter CAPTCHAS, and they are often paid by the number of CAPTCHAs they enter (for example 1 cent per entry). This becomes viable financially if the spam is part of a bigger scam. The scale of the deception means it makes more money, especially because people are much more likely to trust spam messages sent by their friends. This achieves greater returns for the hackers and means they can attack many accounts, bypassing email security systems.
- Sometimes the scripts do their work over days, and sometimes weeks, to escape being caught by Hotmail’s attack detection systems.
There are of course other ways for hackers to achieve this kind of attack, such as spyware on your computer, or you being deceived by a rogue website. My instructions below would help you tackle these as well.
WHAT SHOULD I DO IF MY HOTMAIL ACCOUNT GOT HACKED?
Go through the following steps, one by one:
1. Before you do anything else, change your Hotmail account password to something very safe. Not a dictionary word or name, or even a word and numbers. Use symbols such as $ and & in your password, and make it long. I know it is difficult to remember, but if you don’t want to be hacked, you’ll have to start using strong passwords.
2. Now check that your autoresponse and email signature on Hotmail do not have any spam text added to them, as this would go out to your contacts automatically.
3. Then check that your computer does not have spyware or viruses, by following the instructions here.
4. From now on keep your passwords safe, and be extra careful when using public computers (such as those in Internet cafes). If in doubt – change your passwords.
5. You may want to alert Hotmail support to the problem. It seems to be happening all over the place, and the more they know about it, the better it is for their efforts to address it.
And please note: if for some strange foolish reason you decide to go to the site advertised by the spammers, and you are even more foolish and decide to buy something on it, don’t be surprised if it never arrives. This is a well known scam, and you will never get your goods, you muppet.
If you enjoyed this article, please consider sharing it!
this site’s rubbish I’ve sent loads of messages but they keep holding them back – maybe deleting them – maybe theyre the hacked trying to get your new email addresses! I’ve given my email address that was hacked even though it was deleted and closed down – bet you lot dont get this comment either!!!
my hackers obviously dislexic and VERY illiterate!………….
ipple iPhone 4 – ITS APPLE NOT IPPLE YOU DIV!
Hope you everything very well – ENGLISH NOT YOUR 1st LANGUAGE THEN?
dear friend – I AINT YA PAL!
MMMMMMM MAYBE AUTHORITIES CAN SOURCE CULPRIT!!!!!?
i like it much – I LIKE IT MUCH VERY YOU DROPPED DEAD
hope you try too – WHAT?….YOU TOO TRY READ LETTER HOPE!
HACKER……..I WISH YOU ARMS GROW SHORT & YOUR ASS HOLE GETS ITCHY LIKE FCUK! SCRATCH THAT TWAT!!!!!
Random subjects fwd existing mail to contacts, seems like their bot is sending my email to my contacts.
My email address has beeb hacked and it is very stressful. My password is already long unusual and with a number
My address has been hacked it is so irritating can i get some help… Thanks
on 2/11/2011 i got a mail in my Hotmail that MSN need to update my account, so they needed all my information including my Hotmail Password which was foolish on my part to provide all.my alternative Rediffmail account was also given by me.now the person who has hacked my Hotmail / Rediffmail account is sending to all my contacts the SPAM mails to which i am unaware of. I can not open my Hotmail / Rediffmail account as password must have been changed by the hacker. Pls help by updating me on [email removed]
Oh please!i tried to change my password but the thing is that if i choose the option saying “email me a reset link” then theres the problem that the person who hacked my account saved the id “livfan_1997@yahoo.com” (dummy person stupid hacker) in the recovery ids..hope everyone knows it now how should i change my password????? the question is that and so i am not a hacker that i will hack that person’s account!and i HATE IT! now coming on to customer support its a very long procedure and on the other hand i forgot most of the answers of the question! cumon sumone please help that id is really very important to me…really very important!
AND ALSO now google or bing or other websites like these…., if someone types that how to hack an account then more than 250000000 views will cum for it and only there is a need to copy and paste the password provided with the help of that website or views! so only way is to request the hotmail to provide more options while logging in the account so they make sure that the correct user is opening the id and there are no misconceptions on and then!
To Hotmail:My hotmail email account has been hacked into. I cannot get into my email account. I asked for a reset #. I got the link on a different email account but I can’t access it because it keeps telling me “There is a temporary problem. Try back later.” But it never changes. It just says try back later . Contacts have called me saying the hackers are asking for money in my name.
my email acount has been hacked
and i cant pass any more, hotmail aint help me …
how can i rehack my email back there is a lot of my friends old friends that mails i dont remmeber .
pls help me .,
my account has been hacked and the person changed both my password and security question i need help asap …thankz
Hotmail are being especially useless on this matter. My father’s email account was hijacked and the password changed. He’s filled in the form requesting help and he got the useless message below.
Utterly useless. Why does Hotmail not take this more seriously. This is fraud that is being committed.
To contact hotmail in any shape or form you need to type in your LIve ID and password but this has been hijacked so this does not make sense.
Extremely frustrated with hotmail.
PLEASE HOTMAIL GIVE ME A NUMBER GO CALL!!
Chris
Unfortunately, we could not verify your ownership of XXX@hotmail.co.uk using the information you provided. Your account recovery request with issue number 1111111 has been closed.
In keeping with Microsoft’s commitment to protecting online privacy, Windows Live takes account security seriously. Passing the account recovery process can be difficult. Please reconsider your originally submitted information, as well as provide any additional information when submitting a new account recovery request.
Here are some suggestions to assist you in submitting a new request:
Answer questions using the information you used when you created the account or last updated it.
Submit the recovery request from a computer you frequently use for Windows Live services.
Answer as many questions as you can and be as precise as possible.
For questions with multiple answers, such as email subjects and contacts, provide as many answers as you can.
If you have difficulty remembering email subjects or contacts, try reaching out to family, friends, or business contacts to verify.
Ready? Click here to submit a new Windows Live account recovery request.
Please do not reply to this message. Replies to this message are routed to an unmonitored mailbox.
Thank you,
Windows Live
For the umpteenth time on this blog, get rid of your hotmail account! I use gmail with a 100 character password, something you cannot do with hotmail. And the best part of having a 100 character password is that I do NOT have to remember it! I use LastPass to log into gmail using my 100 character password (which I do NOT or could NOT possibly remember). What makes LastPass so great is that even if a hijacker knew my LastPass login password, if would be of no use to him or her because to log into LastPass, a YubiKey is also required! So where is my YubiKey? On my key chain! But what if I lose my YubiKey? No problem! That has already happened once in the past. My PC at home (and ONLY MY PC) is setup with LastPass so that it does NOT need a YubiKey. But what if my PC is stolen or aliens from another planet take it (just some humor there)? Then I have a problem ONLY IF they also know my password to LastPass. There is no perfect solution when it comes to security but my security is 99.99% effective against moronic hijackers. And one last comment, LastPass allows me to print a hard copy of all my passwords to my other accounts.
spam was sent recently to my contacts from my current hotmail ad. my previous hotmail ad ie sh…18… was hacked. when i became suspicious i opened new accounts and managed to import my contacts and mail. later could not open my email as they changed my password. it should be easy to find the hacker if IDs are requested from suspected hackers and type of mail they send out are identified. for example the hacker of sh…18 solicited money from all my contacts saying that i was in a conference in spain and lost my purse in a taxi etc. a team of experts should study all outgoing emails from their subscribers.
please notify me of your findings.
A lot of people forget that the easiest way to get access to accounts is when you go to some dodgy site and enter your email and ‘A PASSWORD’ to get an account or order goods. Many people use the SAME password for both the email address and the website account — – Very Good Idea — – NOT
I would like to say that it’s silly how I’m only 12 and they hack my account!! Like seriously I just now got into my hotmail and what do I find, my friend commented on how early my email was sent and it said “it’s 2012 and I’m 28 and Ive got $2000″ seriously!! Hackers have noooooooooooooo life!! I then checked my sent folder and all my contacts had similar messages as what my friend told me!! Im really scared pls help!! :_( im crying right now!! Pls tell me how to unhack my account!! Plsss!!
dear aisha, same with me.. just pray to god.!! that these hackers go to hell!! stupid ppl!
please someone hack the account of the hacker who hacks my account