What to do if your Hotmail account got hacked – the recent spate of attacks on Hotmail accounts
If your friends and contacts have received an email or IM message from your Hotmail account with wording along the lines of "I would like to introduce a good company who trades mainly in electronic products... etc" - it is highly likely that your Hotmail account has been compromised.
IF YOU ARE THE POOR SOUL THIS HAPPENED TO, THEN YOU SHOULD READ ON AND FOLLOW THE INSTRUCTIONS AT THE BOTTOM OF THIS ARTICLE.
In most cases when a spam email is sent in your name to someone else, the spammer doesn't need access to your account. All they need to do is spoof your email address - i.e. make it look like it was sent from you. That's very simple to do, and is very common.
However, the latest spate of spam from Hotmail accounts is different in that the attackers actually hack into your Hotmail account and then do some or all of the following things:
- They send a spam email to all your contacts.
- They may send a spam IM message to all your Messenger contacts
- They may delete all your Hotmail contacts
- They may set your autoresponse (the one you set when you go away) to send this spam message
- They may set your email signature to include the spam message
You know that they have hacked into the account because you can see clearly that they have sent an email from it to all your contacts, or even an instant message. They would not be able to do this if they did not have access to the account.
HOW IT HAPPENS
I don't have a definitive answer, but I do have a theory which, based on the evidence, looks likely. If your password is a common name or a word that appears in a dictionary, then your account is vulnerable, even if it has a year of birth or number attached to it.
This is how the hackers do it:
- They employ an automated script that is fed your Hotmail address and then goes to work./li>
- It feeds the entire dictionary and common passwords and names into Hotmail one by one, trying to log in.
- After several attempts Hotmail "locks" the account and present a CAPTHCA (i.e. a string of wonky letters and numbers that are supposed to stop scripts from doing exactly that, because only a human can read these letters, supposedly).
- Unfortunately the CAPTCHA method no longer stops scripts, because hackers have found ways around them. One of those ways works by using sophisticated character recognition software that can read the wonky letters. Another is to feed the letters to "CAPTHCA farms" - the letters are fed to human users, employed by the hackers to read and enter CAPTCHAS, and they are often paid by the number of CAPTCHAs they enter (for example 1 cent per entry). This becomes viable financially if the spam is part of a bigger scam. The scale of the deception means it makes more money, especially because people are much more likely to trust spam messages sent by their friends. This achieves greater returns for the hackers and means they can attack many accounts, bypassing email security systems.
- Sometimes the scripts do their work over days, and sometimes weeks, to escape being caught by Hotmail's attack detection systems.
There are of course other ways for hackers to achieve this kind of attack, such as spyware on your computer, or you being deceived by a rogue website. My instructions below would help you tackle these as well.
WHAT SHOULD I DO IF MY HOTMAIL ACCOUNT GOT HACKED?
Go through the following steps, one by one:
1. Before you do anything else, change your Hotmail account password to something very safe. Not a dictionary word or name, or even a word and numbers. Use symbols such as $ and & in your password, and make it long. I know it is difficult to remember, but if you don't want to be hacked, you'll have to start using strong passwords.
2. Now check that your autoresponse and email signature on Hotmail do not have any spam text added to them, as this would go out to your contacts automatically.
3. Then check that your computer does not have spyware or viruses, by following the instructions here.
4. From now on keep your passwords safe, and be extra careful when using public computers (such as those in Internet cafes). If in doubt - change your passwords.
5. You may want to alert Hotmail support to the problem. It seems to be happening all over the place, and the more they know about it, the better it is for their efforts to address it.
And please note: if for some strange foolish reason you decide to go to the site advertised by the spammers, and you are even more foolish and decide to buy something on it, don’t be surprised if it never arrives. This is a well known scam, and you will never get your goods, you muppet.
Related posts:
July 30th, 2010 - 18:41
I have been hacked recently but im not sure if my contacts have been deleted along with alot of the mail sent during this time, i am now still recieving some unpleasent emails from porn sites etc and some personal information was gained and used in a disturbing way to try and gain money.
July 30th, 2010 - 20:16
My account was hacked this morning at about 4:52am and it sent emails to all my contacts stating I was in the UK and I got hikacked and needed help. Bull doodoo this is the place you need to go to if your hacked. It is a forum and they will respond to your issue via this way or the alternate email you provide.
https://windowslivehelp.com/PasswordReset.aspx
Still waiting a response………
July 31st, 2010 - 05:12
my hotmail account has been hacked…and the hacker has even changed my secret question so wht do i do now…and also my alternate e-mail address has been changed..wht do i do?? plz help..im in danger..
July 31st, 2010 - 05:13
my hotmail account has been hacked…and the hacker has even changed my secret question so wht do i do now…and also my alternate e-mail address has been changed..wht do i do?? plz help..im in danger..
August 4th, 2010 - 18:42
My Hotmail account was hacked this morning sending emails to my contacts stating that I am attending a UK program and I have been robbed. Asking for 2000 UK money. I went through the Account Password Recovery but still wating for reply.
I have plenty of personal info in those emails. What should I do?
August 5th, 2010 - 19:34
I’m the same, the email said I was in France and was mugged and asking everybody to send £2000. They’ve changed my password and security question so now can’t access my account! What should I do?
August 6th, 2010 - 18:01
Hi
I was hacked and it took them a week to get me back into my account. You have to constantly post on their forum that you have been hacked. If you can reset your passwords you should do it if you cant then you should report it to hotmail and have them temporarily shut down the account. you have to be persistent.
it is a process and beyond annoying and awful!
Good luck!
August 8th, 2010 - 19:33
same here……this sucks. 10 years of emails, extremely important info, etc. The hacker even had the balls to leave me a voicemail message. I’ve been on the phone for hours to MSN, Verizon, etc. None of them are taking it seriously. Great customer service!
August 12th, 2010 - 07:23
I have the same problem as Disgruntled man. My hotmail account has been violated and the hackers are trying to extort money from my contacts. Can’t even access my account to delete it.
August 15th, 2010 - 01:04
Same thing has happened to me…I’ve had this account for ten years. Alot of personal information in the account. When I first realized that the account was hacked I changed the password but I did not change the security question. The hacker changed the answer and now I can’t access my account.
August 15th, 2010 - 17:02
my profile has been hacked.. :( plz help me out.. plzz… m really in need of my account..
August 19th, 2010 - 18:31
My account of 12 years has been hacked. I was able to change my password but it is concerns me that this seems to be common with hotmail now.
August 20th, 2010 - 03:20
my hotmail id and msn messenger both have been hacked on the 18th night. i have reset my password thrice but now i am not able to do so. i need my contacts and my account activated as i have a lot of information which is used by me. the worst part is that the hackers are trying to extract money from my contacts. please help !!!
August 26th, 2010 - 05:34
My hotmail id and account msm messenger both have been hacked on the 19th August while I was on holidays. I need all the contacts as I have no back up file with email addresses etc. I cannot access the account to change password and am at a loss to know what to do please, all my contacts have received an email from the hackers askin for money stating I was robbed while on holidays in Asia and needed money to pay Hotel Account and to leave the money in a Western Union Bank Account
August 26th, 2010 - 15:44
I had my hotmail account for ten years and was hacked on 8/24/10, they said I was mugged at gunpoint in the Uk and my cash, credit cards and cell phone were stolen and they asked that whoever recevied that email to contact them (supposedly me) so they could tell them where to send money. They changed my password, secret question and my alternate email address. No one at MSN will help me. Today my husband said someone called his cell phone and the person told him “you have my cell phone”. PLEASE HELP!!!!!
August 28th, 2010 - 00:51
I had my hotmail account for 10 years and it was hacked on 8/26/10 – I was stranded in London and they acked all of my contacts for money. One of the contacts was my other email account at yahoo. I replied to the hacker’s request and said I was in London also and could meet “you” to help out. They sent an address for me to wire money that was 18 Fish Hill Street in Londa – close to public housing area (info thanks to google). I forwarded the email request and reply to Scotland Yard and asked for help. Haven’t heard back from MSN yet.
August 28th, 2010 - 14:42
I got the same Msg that I was in the UK on Vacation and I got robbed…..
E-mailed to a friend who in turn call me this morning~I also posted it on Facebook that the e-mail addy is not me do not open just delete
August 29th, 2010 - 02:53
This just happened to me for the first time ever. The hacker/bot sent SPAM out to all my contacts. I’m a Network/Systems administrator for the record, so I’m a bit suprised this has happened to me. None of my computers were powered on at the time (1:00AM-7:00AM) and none of my portable devices have hotmail account information stored either. I changed my password and security password to be safe.
September 1st, 2010 - 21:25
My friend has just had her email compromised. For a couple of weeks “Windows” sent her emails telling her that they were closing sites for safety reasons and that hers had been chosen. Therefore she should very her email. She clicked the “windows live email link” and punched in her password. That must have been the mistake. Now all of her contacts have received a begging email in Spanish. However, there is now bank account for the money or whatever. What’s the point?
Anyhow, now she is wondering if her bank account is in danger. What do you think?
September 3rd, 2010 - 06:01
My hotmail account have been hacked into and whoever is using it are sending disgusting emails even to my superiors. Really want to get rid of the account as i am fed up of it all.