What to do if your Hotmail account got hacked – the recent spate of attacks on Hotmail accounts

If your friends and contacts have received an email or IM message from your Hotmail account with wording along the lines of "I would like to introduce a good company who trades mainly in electronic products... etc" - it is highly likely that your Hotmail account has been compromised.
IF YOU ARE THE POOR SOUL THIS HAPPENED TO, THEN YOU SHOULD READ ON AND FOLLOW THE INSTRUCTIONS AT THE BOTTOM OF THIS ARTICLE.
In most cases when a spam email is sent in your name to someone else, the spammer doesn't need access to your account. All they need to do is spoof your email address - i.e. make it look like it was sent from you. That's very simple to do, and is very common.
However, the latest spate of spam from Hotmail accounts is different in that the attackers actually hack into your Hotmail account and then do some or all of the following things:
- They send a spam email to all your contacts.
- They may send a spam IM message to all your Messenger contacts
- They may delete all your Hotmail contacts
- They may set your autoresponse (the one you set when you go away) to send this spam message
- They may set your email signature to include the spam message
You know that they have hacked into the account because you can see clearly that they have sent an email from it to all your contacts, or even an instant message. They would not be able to do this if they did not have access to the account.
HOW IT HAPPENS
I don't have a definitive answer, but I do have a theory which, based on the evidence, looks likely. If your password is a common name or a word that appears in a dictionary, then your account is vulnerable, even if it has a year of birth or number attached to it.
This is how the hackers do it:
- They employ an automated script that is fed your Hotmail address and then goes to work.
- It feeds the entire dictionary and common passwords and names into Hotmail one by one, trying to log in.
- After several attempts Hotmail "locks" the account and presents a CAPTCHA (i.e. a string of wonky letters and numbers that are supposed to stop scripts from doing exactly that, because only a human can read these letters, supposedly).
- Unfortunately the CAPTCHA method no longer stops scripts, because hackers have found ways around them. One of those ways works by using sophisticated character recognition software that can read the wonky letters. Another is to feed the letters to "CAPTCHA farms" - the letters are fed to human users, employed by the hackers to read and enter CAPTCHAs, and they are often paid by the number of CAPTCHAs they enter (for example 1 cent per entry). This becomes viable financially if the spam is part of a bigger scam. The scale of the deception means it makes more money, especially because people are much more likely to trust spam messages sent by their friends. This achieves greater returns for the hackers and means they can attack many accounts, bypassing email security systems.
- Sometimes the scripts do their work over days, and sometimes weeks, to escape being caught by Hotmail's attack detection systems.
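Guessing spread over days, as in the last point, is exactly what a short-window lockout rule misses. As an added example (not from the original article; the event format, account names, windows and thresholds are constructed assumptions), this Python code runs a burst rule and a long-window rule over the same login events, from the mail provider's side:

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed sample events (not real Hotmail logs): (time, account, ok)."""
    t0 = datetime(2009, 5, 1, 0, 0)
    events = [
        # The real owner mistypes once, then logs in a minute later.
        (t0, "alice@example.test", False),
        (t0 + timedelta(minutes=1), "alice@example.test", True),
    ]
    # Noisy guessing: 6 failures, 30 seconds apart.
    events += [(t0 + timedelta(seconds=30 * i), "bob@example.test", False)
               for i in range(6)]
    # Slow guessing: one failure every 8 hours for 6 days, then a success.
    events += [(t0 + timedelta(hours=8 * i), "carol@example.test", False)
               for i in range(18)]
    events.append((t0 + timedelta(hours=8 * 18), "carol@example.test", True))
    return sorted(events, key=lambda e: e[0])


def flag_accounts(events, window, threshold):
    """Accounts with at least `threshold` failed logins inside a sliding window."""
    recent = defaultdict(deque)
    flagged = set()
    for when, account, ok in events:
        if ok:
            continue
        q = recent[account]
        q.append(when)
        # Drop failures that have aged out of the window.
        while q and when - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged.add(account)
    return flagged


def success_after_failures(events, window, threshold):
    """Accounts where a successful login follows a long run of failures.

    This is the pattern that suggests the guessing finally worked.
    """
    recent = defaultdict(deque)
    hits = set()
    for when, account, ok in events:
        q = recent[account]
        while q and when - q[0] > window:
            q.popleft()
        if ok:
            if len(q) >= threshold:
                hits.add(account)
            q.clear()
        else:
            q.append(when)
    return hits


if __name__ == "__main__":
    log = build_sample_log()
    print("burst rule (5 in 15 min):", flag_accounts(log, timedelta(minutes=15), 5))
    print("slow rule (10 in 14 days):", flag_accounts(log, timedelta(days=14), 10))
    print("likely compromised:", success_after_failures(log, timedelta(days=14), 10))
```

The burst rule sees only the noisy account; the 14-day counter is the one that catches the account probed every 8 hours and then logged into.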
There are of course other ways for hackers to achieve this kind of attack, such as spyware on your computer, or you being deceived by a rogue website. My instructions below would help you tackle these as well.
WHAT SHOULD I DO IF MY HOTMAIL ACCOUNT GOT HACKED?
Go through the following steps, one by one:
1. Before you do anything else, change your Hotmail account password to something very safe. Not a dictionary word or name, or even a word and numbers. Use symbols such as $ and & in your password, and make it long. I know it is difficult to remember, but if you don't want to be hacked, you'll have to start using strong passwords.
2. Now check that your autoresponse and email signature on Hotmail do not have any spam text added to them, as this would go out to your contacts automatically.
3. Then check that your computer does not have spyware or viruses, by following the instructions here.
4. From now on keep your passwords safe, and be extra careful when using public computers (such as those in Internet cafes). If in doubt - change your passwords.
5. You may want to alert Hotmail support to the problem. It seems to be happening all over the place, and the more they know about it, the better it is for their efforts to address it.
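For step 1, an added example (not part of the original article) of checking a candidate password against the weakness described under HOW IT HAPPENS: a dictionary word or name stays guessable even with a year or number attached. The tiny word list, the 12-character minimum and the symbol set are assumptions made for this illustration.

```python
import re
import secrets
import string

# Constructed mini word list; a real check would load a large dictionary
# and a common-password list from a file.
WORDS = {"michael", "jennifer", "dragon", "password", "monkey",
         "sunshine", "letmein"}

CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def base_word(password):
    """Strip digits/symbols attached before or after the letters; lowercase the rest."""
    return re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password).lower()


def weakness(password, words=WORDS, min_len=12):
    """Return a reason string if the password is weak, else None."""
    core = base_word(password)
    if core in words:
        attached = len(password) - len(core)
        return f"dictionary word '{core}' with {attached} attached character(s)"
    if len(password) < min_len:
        return f"shorter than {min_len} characters"
    if sum(any(c in cls for c in password) for cls in CLASSES) < 3:
        return "fewer than three character classes"
    return None


def generate(length=20):
    """Random password from letters, digits and symbols, using the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits + "$&!#%*+-=?@"
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if weakness(candidate) is None:
            return candidate


if __name__ == "__main__":
    for pw in ["Michael1984", "$dragon&", "x7$Kq", "tR9$vLq2&mZx8#Wp"]:
        print(f"{pw!r}: {weakness(pw) or 'ok'}")
    print("generated:", generate())
```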
And please note: if for some strange foolish reason you decide to go to the site advertised by the spammers, and you are even more foolish and decide to buy something on it, don’t be surprised if it never arrives. This is a well known scam, and you will never get your goods, you muppet.
May 9th, 2009 - 09:23
I’m guessing that after they change your password info, you’re pretty much SOL.
My Facebook and my Hotmail have been hacked… still trying to figure out what to do now, since both passwords have been changed. I’m so screwed.
May 9th, 2009 - 12:37
Yeah i’m sol as well, this didn’t help at all. This was good prevention but didn’t help in giving my account back.
May 14th, 2009 - 20:53
This happened to me. It’s absolutely bullshit, I have no idea how they did it.
I’m fairly geeky, my degree was in computing and recent. My password was a random alphanumeric string, and I don’t fuck about with attachments.
I logged into an account I hadn’t touched in months, and found out it had an autoreply that it would periodically send out junk mail. This had been happening since early this year.
How they got into my account (or is it just horrible security on Microsoft’s end), I don’t know. They didn’t change my password, and I severely doubt that they ever actually had it.
None of my other hotmail accounts were compromised.
June 23rd, 2009 - 17:14
kwyjibo, a geeky person having microsoft’s hotmail is an oxymoron ;)
i’m here cuz one of my friend’s hotmails got hacked
i’m GMAIL all the way
July 1st, 2009 - 16:20
hey,
I just had my hotmail hacked overnight.
I had a Chinese wholesale direct SPAM message go out to all my contacts.
F.Y.I
they didn’t delete my contacts
they didn’t add an “out of office” message
they didn’t add/modify my signature
each email was sent to 1 recipient and 9 BCC’s
the emails repeated again 5 hours later
so, must be a script of some sort. I too have a complicated non word password. the only thing I think they could have done is 1. put a trojan on my pc to grab it, or 2. to fake a website where I had to put it in to use my contacts to see which of them are using the social network site I was using. FB friendfeed, digg, linkedin, which means their site was hacked…
I’ve posted on livemail support to see if hotmail reply with any answers… I’ve never been hacked on hotmail before! first time in 12 years
July 3rd, 2009 - 08:00
Mine got hacked too, also sent stupid spam mails. First it was about some weird auction shit, then went onto a Chinese retailer.
My friends all knew it wouldn’t be me because first off, I go to school with them, so they know how I talk and obviously the hacker doesn’t talk like me. Second, they all know I’m not into selling stuff, so luckily they didn’t touch the URL.
Unfortunately for me, my account has been hacked. I’m sticking to my Gmail from now on.
July 8th, 2009 - 04:07
I think I’m being hacked???? Some one is sending Careerbuilder resume replies to people. The only way I found out is I went to my sent box and saw all them. But I can’t see any e-mails I’ve sent since 6/23/09.
Then today I just got something sent to my inbox….
Delivery notification Failure
and it was sent to someone about penis enlargement products.
Everyone getting e-mailed from my account is no one I know—None of my contact?
Is there a direct way to get ahold of someone @ hotmail?
August 9th, 2009 - 08:15
Got hacked and found their spam text in my signature. Thanks for the tip on that one…wondering if I now have to close my eight year old hotmail account. Boo.
August 31st, 2009 - 11:00
I have the same issues as the last two people who left comments. It shows me as not having sent anything from 8/6/09 to 8/28/09. There was a week or two where I didn’t have internet connection from home, but I know I sent emails within that time frame. Also, when I was able to finally sign back in from home I had a ton of those “delivery failure notification” emails and when I went to send an email the spam text replaced my signature. Is there any way to report this to Hotmail? I’ve searched spam text signatures and whatnot, but to no avail. My password is completely numerical and has nothing to do with anything within my personal information, contact list, etc.
September 2nd, 2009 - 09:11
I had the same issue. Had a message sent from my Hotmail account to half my contacts at 02:40am 2nd September 2009. Then another message sent to the second half of my contacts. My Out of Office response message was modified to the spam message and so was my Hotmail email signature. I have changed my password to a new strong password. Message body text was this (in [ ] brackets below):
[Hey?
how are you doing recently?
I would like to introduce you a very good company and its website is /removed/. It can offer you all kinds of electronic products that you may be in need,such as laptops ,gps ,TV LCD,cell phones,ps3,MP3/4,motorcycles and etc........
You can take some time to have a check ,there must be something interesting you 'd like to purchase .
The contact email: service@[domain removed] MSN: [email removed]
Phone: 86+[phone removed]
Hope you can enjoy yourself in shopping from that company !
Regards ]
Looks to me like Hotmail has been hacked…
January 18th, 2010 - 18:38
Hey guys if there is anyone out there that can give me advice on how to get my hotmail account back i would really appreciate it….its been hacked into and all my passwords and security questions has been changed and also my msn and facebook is been changed if anyone know what i can do please feel free to get in contact with me cause ive been in contact with hotmail and all they keep telling me is they can advise i open a NEW account…..I DONT THINK SO what about all my contacts for work ect. I know its my ex partner that hacked into it but i dont know what to do in situations like this :-(
Please again if there is anyone out there that can help email me at [email removed to protect user privacy - please respond on this forum]
Thanks guys and girls
Luan
January 19th, 2010 - 19:55
Luan,
I just had the same thing happen at 2:30 this morning. An email was sent to all my contacts saying I was in Africa and needed money to get home. They changed my security question. I haven’t even been able to get ahold of hotmail to see how I can change my password back. Or, I probably won’t want to because the Hacker could still have access somehow. Anyone that can get a number that I can speak to hotmail would be great or further information on what to do next. Thanks Ryan cell number: [removed to protect privacy - please respond on this forum]
January 21st, 2010 - 01:48
If your hot mail has been hacked, you might as well strip your computer and throw it away.
January 21st, 2010 - 23:48
Good read. I found this article after searching “hotmail hacked help”
From the other comments, it seems that I got lucky. My contact list was abused by an electronics merchant in China, but at least I’m not locked out.
To those seeking support from MS Hotmail: Good luck. I sympathize with your frustrations. I wouldn’t expect a happy ending though. It’s a free service. The old adage, “you get what you pay for” holds true and their support efforts will reflect that.
My advice, move on and save yourself the time and frustration. Get a new email provider. In the future, backup your contacts list to a file that you own and manage.
January 22nd, 2010 - 02:21
Well I’ve been hacked too, but ever since I changed my password, I’ve never sent another strange e-mail. I’ve received some recently, but I would click on the link only if I was daft. Good advice, thanks for the tips OP
January 22nd, 2010 - 08:29
Guys, I think it was a one time hack by the Chinese at Hotmail, they got everyone’s or close to its password. obviously they found the DB with all the passwords in it, that’s why they’ve been able to send out an email to everyone on your contact list via a script. I mean it’s the same people who just hacked google – they’re good.
Anyway besides getting MS to admit that they got hacked, which it obviously was, all you need to do is, if possible, change your password and remove any signature. you can continue to use hotmail, no point moving on to another provider
oh, hope they don’t hack hotmail again.
January 27th, 2010 - 10:11
i have the same issue “kelorrico” has but its about Viagra.
“I think I’m being hacked???? Some one is sending Careerbuilder resume replies to people. The only way I found out is I went to my sent box and saw all them. But I can’t see any e-mails I’ve sent since 6/23/09.
Then today I just got something sent to my inbox….
Delivery notification Failure
and it was sent to someone about penis enlargement products.
Everyone getting e-mailed from my account is no one I know—None of my contact?
Is there a direct way to get ahold of someone @ hotmail?”
January 31st, 2010 - 19:26
It is really sad that hotmail offers neither solutions or method of contacting them when a hotmail account is hacked. I had strong passwords and ID and my account was hacked and all of my contacts were deleted as well as my personal folder on my account. Since this data reside on Hotmail servers and NOT my computer you think hotmail would show more concern. Hotmail offers no data about the scope of this issue with their servers. The person that hacked my account sent an email to all of my contacts asking for money. The mistake I made was not exporting my contact list and saving it locally. I had an update anti-virus program. It is too bad that hotmail doesn’t backup data on its servers and offers to restore the data even for a fee. They offer no customer service. I have been a customer for 10 years but I have now switched to AOL.
Harold
February 1st, 2010 - 17:41
my account has been hacked! please help me out! please! please!
February 1st, 2010 - 18:37
My hotmail account was hacked today as well…:(
February 2nd, 2010 - 05:52
My Hotmail account was hacked today – my whole contact list received a message “from me” telling them to go to some electronics site to shop. I think I’m going to just change my email provider and suffer the consequences.
February 2nd, 2010 - 17:24
Hacked today too and sending viagra emails. I still could get in my account and I changed the password. Oddly they didn’t send an email to everyone but just a few people. Weird. I changed my password but I’m not sure what else I should do…
February 3rd, 2010 - 13:26
What consequences? You have a FREE account. They don’t lose money if you stop using it.
It happened to me last night. Changed my password; hope it stops.
February 3rd, 2010 - 14:15
Oooh. You suffer. Nevermind. Sorry.
February 5th, 2010 - 01:19
my hotmail and facebook account is hacked! i cant log in and my password is changed. even my secret question. this is shit! how can i retrieve it back!??! im expecting important mail from my work!! ahhhhh!! screw the hacker..screw them to bits…
February 9th, 2010 - 19:06
“It feeds the entire dictionary and common passwords and names into Hotmail one by one, trying to log in.”
Haha what?! Are you suggesting that a spammer would be willing to perform a dictionary attack including: “the entire dictionary” just to get access to an account to send spam from?
Do you not think quite a lot of resources would be required for this (which even if successful, would probably lead to only a small return) and furthermore, do you believe microsoft allows an unlimited number of password guesses.
“Unfortunately the CAPTCHA method no longer stops scripts” – what kind of “scripts” are these? As far as I’m aware, the CAPTCHA used on most big sites ie hotmail are not easily broken, else why would they still use them!?
— Keylogging and clone sites are the most likely method of password theft —
Furthermore, if they had an email address which was to be “fed” into an “automated script” why would they not just send spam to this email address instead (lower conversion rate I know but a lot less resource intensive/near impossible to do).
February 12th, 2010 - 06:26
I had been getting a lot of ‘delivery notification failure’ messages and even though i don’t use my hotmail account that much, it didn’t register with me that something was wrong with my account. Silly me, i didn’t pay much attn to it and kept deleting those messages. It was only today while searching for something that i stumbled here and after reading comments posted , i realised that my hotmail account was hacked!! i might have been silly before but not anymore. i have changed my password and checked my signature( didn’t find any spam attached to it) and thank god that my contact list was still intact..phew!! even though i don’t have any valuable info in my account, there is still that feeling of being hacked that is so scary..Thanks to everyone who posted comments once your account is hacked.
February 17th, 2010 - 06:41
So my account got hacked and they changed my password. Now what the heck do I do? I neeeeeddddd to get back into my account.
February 17th, 2010 - 15:25
hacked last night!!!! requesting to send $3,500 dollars to me in London since I had been robbed. All my contacts are in that account. I am an idiot. any ideas? i cant get to anyone @ msn for help!!!
February 17th, 2010 - 17:57
hacked. “im in england send money” no ability to alter signin info. we all seem screwed? someone figure this out, please, or Micro$fot please help out your loyal email users….
February 18th, 2010 - 01:25
okay. maybe not all hope lost. Windows Live ID Validation is a form you fill out with loads of info that will hopefully prove it’s your account. it seems the more info you have (isp name, folder names, date of last login) the better chance you have of reclaiming your account. Hope this helps>> https://support.live.com/eform.aspx?productKey=wlidvalidation&ct=eformcs&f=255&MSPPError=-2147217396
February 21st, 2010 - 00:22
Good Advice. I was hacked earlier today. Hoping for the best.
February 23rd, 2010 - 13:26
Thanks for this, I got hacked over the weekend and this post gives more information than the hotmail advice sites. Looks like they only deleted my addressbook so far, I don’t use a signature and there was nothing in it to be altered, likewise the vacation message.
February 25th, 2010 - 16:41
same stupid mugged in london email to all hotmail addresses requesting money. Used the validation request to hotmail…now waiting five days for them to respond….now what?
February 28th, 2010 - 08:32
I have been a LONGTIME hotmail user, and it seems we are having a new problem! Mine is of the sorts “delivery failure notification” as mentioned above where hundreds of email were sent to users I do not know. I noticed it the last time I logged in, but didnt do anything to fix it as I thought it was random and would go away. Well, it did not. Now I am locked out of my account for some reason…maybe they changed my password? All I know is to try the account verification thing and see if it works! I entered all kinds of old contact or emails sent info… as I have a more secure (I USE GMAIL PRIMARILY… as it is much safer and I learned how to protect against Spam after I created my hotmail account years ago… ie, I do not use my general gmail account for ANY info requests or websites… only for personal email. I use an alternative account where Im not afraid of receiving spam when email is requested for a product, etc. (some advice I suggest!))
Hope we all have some success — those of us now locked out of our accounts!
February 28th, 2010 - 22:59
this happened to my teacher and he got emails sent out about Viagra and stuff….
not good microsoft
March 1st, 2010 - 02:33
but, how do they know about our e-mails?
March 2nd, 2010 - 21:23
Reply to John
When anyone passes on emails to a list of people and doesn’t use BCC, like the chain emails “pass this on to 20 people” – their email addresses show up in the email to all the other people on the list that it was sent to. Every time the mail is forwarded more email addresses are added to the email. Using the BCC option if you must send to many in one email, means no one else can read it.
March 3rd, 2010 - 00:46
my email was hacked and stolen. my password got changed and my security question was also changed. everyone in my contact is receiving email asking for money i cant even close the account or for that matter can even get in the email i would like to know what to do pls help.
March 3rd, 2010 - 12:52
I think you need to tell your email provider eg Hotmail, Yahoo, Google etc, they all have advice on this. Find their HELP link in your email account. Wasn’t the advice at the top of this page of any help to you? It’s under
WHAT SHOULD I DO IF MY HOTMAIL ACCOUNT GOT HACKED?
Most people seem to have got their email back after contacting their provider, when I got hacked I was getting undelivered emails back that were sent to addresses I’d never heard of, and not sent by me.
March 3rd, 2010 - 19:54
My hotmail account was hijacked on Feb 24, along with my ebay and my paypal. Hacker changed the password, security questions and alternate email on all accounts. It took me 4 days to get back into my hotmail and that’s when I realized that he had hacked my ebay and paypal, too. I rarely use those, so I didn’t notice. Paypal put a limitation on the account, essentially locking him out from anything but receiving funds, because he couldn’t verify my phone or address. I submitted a web form to hotmail, they responded within 24 hours, telling me to fill out the windows live id validation form, which I did and 3 days later, I was back in. The hacker only won several eBay auctions and tried to get sellers to email him cd-key codes for Warcraft. The alternate email he set in my hotmail account was drunk.baby@yahoo.com and the location he set was New York zip code 10021. Wish I could find him….
March 10th, 2010 - 02:16
I never use my hotmail account but I do use windows live mail no more I am deleting my hotmail account and windows live mail. No more. They are toast. Bye bye
March 10th, 2010 - 05:01
my hotmail is hacked.. i cant sign back into it anymore.
my FACEBOOK account is also hacked!
i need help.. please help me.. they are doing damages to me..
thanks..
March 11th, 2010 - 03:45
Gotta wonder if this is some sort of joke on the hackers part. Because this just seems like a lot of effort to go to. When they could… oh I dunno… *make their own new email addresses* I mean, I’m sorry, aside from being a mean joke to be a pain in the bum, why would a spammer bother with this? Wouldn’t *creating* new email addresses be far more efficient than hacking ones? Is it because accounts typically come with contacts? While the spam sent from my account *wasn’t sent to any of my contacts* only strange email addresses, so there goes that theory… You can email addresses to send the spam to off of public facebook accounts or other sites where people don’t make their email address private.
Wish I knew how to fix this. Tried changing the password like suggested in the article, so we’ll see.
March 11th, 2010 - 05:43
My hotmail account has been hacked. I have been locked out of all my accounts. The person(s) sent out e-mails to my contacts stating that I have been Kidnapped & request $. I have been locked out of ALL my accounts!! I have contacted hotmail & submitted information to them but NO HELP!!! I dont know what to do. I want the account suspended ASAP!!! I need help !!!!!!
March 11th, 2010 - 06:55
I just want to know if on the off chance I don’t manage to get back into my hotmail account, is there anywhere on my computer that my contact list is saved? I feel like I have seen it somewhere before while looking for some other file? I haven’t made a point of saving it, but I really feel like it is somewhere?
Far as I know, I was hacked this morning. Heard about it when people started texting me asking if I was really on an unexpected trip to the UK where I had luggage trouble that I can only discuss by email, and asking them to let me know if they can help me out somehow. I am pretty sure I was at my computer quickly, but password was changed, answer to my question was altered. I was signed in to msn messenger already and quite literally watched all my contacts get deleted. As I was asking one friend what to do- the one i caught before his address was deleted- there was a memo at the top of the conversation box telling me that someone else was on my msn at a different location.
I’ve changed other passwords, changed other emails to temporary solutions, but you’d think msn would try to do something about it, can’t be good for PR. Yet to be seen if they email me back within the claimed 24 hours but when I tried the assisted support number listed on their website somewhere, all I got was a squeal. I just want my saved emails and my contact list, I can get over the loss of the email, I just want my letters and whatnot back!
March 12th, 2010 - 04:42
Had same problem as most have noted. E-mail sent out 1:30 am 9/March to all my contact list saying in called out of town(London) on short notice, lost wallet, could You send $3000.
They changed My password and secret question so I can’t get in account. Contacted hotmail about hacked account, went thru requeded questions as best as I could and sent message. 24 hrs later got e-mail back for more info and sent more, got response not enough info and so we can not help You recover Your account, sent more info Thursday morning and phone no. and asked if they could call so we could talk about this some more. It is late Thursday night, still no response, it looks hopeless.
March 14th, 2010 - 03:13
My hotmail was hijacked today (spam mail sent to all my hotmail contact list, it’s about me getting a cheap iphone from a electronic website and asking the contacts to visit it too). My hotmail account filter has also been set as exclusive, which was not like that previously. All my contacts email was deleted from my hotmail account, and all my msn contacts gone (this is the saddest part as I do not have a back up of those friends’ msn).
Luckily my password was not changed so I set it to a more secure one immediately. I also found windows live mail support webpage acknowledging the issue. However, I strongly doubt it is a malware/virus on my part because
1. I am exclusively on a Mac (iMac and macbook pro). I ONLY use my Mail software to check my hotmail, not login online.
2. I check my email several times a day. I was checking it like a couple hours ago and nothing was wrong.
Therefore, even windows live support was saying that it’s malware on the computer, I think it’s their hotmail server being hacked so that so many account has been hijacked by a very similar fashion. I know I am not paying for the service but I feel very disappointed.
Should I send another email to my contacts to inform them the spam??
Thanks for the information on the page.