My Hotmail account has been compromised
Well, here’s something I didn’t expect to write about – my very own Hotmail account has had its username and password accosted by spammers!
I have a very old one that I opened up years ago. I use it to subscribe to bulk mail services and use it as the identifying account for my other personal blog. Other than that, that’s it. I do have another account filtered by Hotmail but it is a vanity domain that I registered with Office Live 3 years ago. Anyhow, it is this personal one that was the issue.
I POP all of my mail through Thunderbird except for Yahoo Mail which charges me for it (whatever), and my regular Microsoft mail goes through Outlook. Since I use this Hotmail account for virtually nothing except bulk mail, I never check it. In fact, I have it as a subfolder under my vanity domain’s folder. Indeed, most of the mail that goes into that folder is spam – someone or other from the Windows Live Network that wants to be my friend. I never friend these people, of course. I just ignore them. So, whenever I get mail into the folder, I rarely check it because it isn’t mail that I want. I may have signed up for it, but if I don’t read it I won’t worry about missing anything.
So imagine my surprise when I went in there today and noticed a bunch of bounce notifications. I had a bunch of messages with subject “Delivery Status Notification (Failure)” in my inbox, and when I clicked on them they were all bounces to people in my Contacts list indicating that they could not be delivered because the mailbox was unavailable, and at the bottom of the message was a spam.
I was instantly puzzled. How did this occur? At first I thought that I had been somehow compromised by the “Here you have” spam campaign that I wrote about last week. However, I noticed the date of the bounces and the first one was Sept 4, 2010. I then decided to check into my Hotmail account (I never login to Hotmail – why would I if I am popping my mail) and checked my Sent folder. Sure enough, “I” had “sent” piles of messages to people in my address book. The messages went back to Sept 5, 2010 (that’s all that shows up in Hotmail, but the time stamp is GMT which corresponds to Sept 4, 2010) and that was all the evidence I needed. Someone had stolen my password. I immediately changed my password and since that time the delivery notifications have stopped.
This puzzles me. How did my account get compromised? I started doing the math in my head. The bounces started getting back to me on Sept 4, 2010. That was Labor Day weekend, the Saturday. This makes no sense because on Saturday, Sept 4, I was out of town. The time stamp on the first bounce is 7:10 pm. This means that some time before 7:10 pm Pacific time my Hotmail account was compromised. The hotel did have wifi, and I did use it. I definitely do not recall using this particular account for anything, that wouldn’t make any sense. This account is something I almost never use. I did not blog at all that weekend (that’s the only application I use the username and password for). I didn’t write any blog posts using Windows Live Writer from Aug 30 to Sept 10. But is it possible that the password was stolen somehow when I connected to the wifi sometime between 5:30 pm when I finished a hike and subsequently checked into the hotel, and 6:30 pm when I left the hotel to go some place else (Pilot Butte, a hill in Bend, Oregon)? It would fit the time frame as the spam started occurring about a half hour later.
That’s my current guess.
Comments
Anonymous
September 14, 2010
Well, you have said that you use Thunderbird to check that account. Does it use POP over SSL or plain POP? Maybe there was some sniffing going on the network...Anonymous
September 15, 2010
It's possible that it was sniffed over wi-fi but that doesn't scale very well to send large scale spam. Perhaps there's a bot out there sniffing wifi networks for e-mail accounts and passwords. Are you certain you didn't use that e-mail address and same password to setup an account on other services (other than your personal blog)? If so, it's possible that those services were compromised, had an attacker on the inside or were evil to begin with. I thought I'd share this XKCD post: http://xkcd.com/792Anonymous
October 19, 2010
I don't use Wi-Fi myself and am setup the same way. It never does this if I don't have contacts listed in my account. Also when I added email addresses to my contact list in Outlook, it added the same contact information into my hotmail account because of the protocol that is being used to pull all of my emails from hotmail into MS Outlook 2007Anonymous
October 26, 2010
I had the same exact thing happen to me. I used to use my Hotmail account back in the day for MSN Messenger, but I haven't for five years or so. I still log in to the account about every three months just to keep it active. I logged in today and had a whole bunch of Delivery Status Notification (failure) messages, as well as the corresponding messages my Sent folder. Frankly, it somewhat boggles my mind as to how this would happen. I have never used Hotmail/Messenger/etc over an unsecured connection wi-fi connection (or even a wi-fi connection). I'm fairly certain that the only computer I have accessed Windows Live/Hotmail from in the past year if not longer is my work computer, which is quite secure and malware free.Anonymous
October 28, 2010
The comment has been removedAnonymous
October 28, 2010
I'm dealing with the same as gregg. First noticed the mail delivery things about a month ago and then it stopped. Next my sister called last week telling me she received the "Ive been robbed overseas letter" and I promptly figured out it was a scam and changed my password 2 days ago. This a.m, I tried to sign in and was locked out and had to reset again! Since I was locked out they sent an email with instructions to reset to my alternate hotmail account, but when I went to sign into this 8 year of so old account, I was locked out of this one as well!! Apparently my hotmail has been compromised also....it's been probably 2.5 weeks since last signing in. I haven't yet fixed my hotmail account password yet...have to now wait 24 hrs since the alternate email account for cases such as this was my Yahoo account which at the time was still not reset. UGH!! I just can't believe this! I know it has nothing to do with my computer though, because the Yahoo deal started on an old computer.....it since crashedAnonymous
November 10, 2010
The comment has been removedAnonymous
November 15, 2010
The comment has been removedAnonymous
November 16, 2010
i too have just had my account used in a similar way, asking someone for details and seem to be having a conversation through my account!Anonymous
November 23, 2010
The comment has been removedAnonymous
November 30, 2010
My hotmail account has also been compromised and I am unable to get into the account or change my password. The person who got into my account even put in an alternate email account so that I am unable to go the regular route. The hackers sent a message to all of my contacts saying that I had been mugged in London and needed money. This has been a nightmare. I have jumped through all of the hoops but with no success. Will I ever be able to get my contact addresses??? Help Microsoft or Hotmail or somebody!!!!!!!!!!!!!!!!!!!!Anonymous
December 06, 2010
I just received an email form my hotmail account in my yahoo. I haven't opened my hotmail account for quite a while & you can just imagine my surprise when I saw the email with all of my contacts in the email. its a spam saying like this: ttp://brandnew-hoomee-biz.ru/?76Qbv87 Priomote your petontial froem home I swear, I'm cursing MSN for this! this is the 2nd time that happened to me & my account has been blocked.Anonymous
January 09, 2011
Hi Tzink! Thanks for your blog! Exactly the same happened to me. It must be a brute force attack by a bot or something.Anonymous
January 20, 2011
The same thing happened to me a month ago and as of last week, I know at least 4 of my friends' hotmail accounts were hacked and sending out spams to all of their contacts. Does Microsoft even know this problem exists? I've reported the incidence, but I'm assuming the report may have gone straight to their spam folder and would never be looked at. Someone at Microsoft has got to start realizing that this is a huge problem!!Anonymous
February 20, 2011
can't open my account and no help from msnhotmail.comAnonymous
February 27, 2011
i had a problem,someone is using my acount, brighitmoh31@hotmail.com ,he already changed the password ,i can t enter anymore,please if you can do something in this case ,let me khnow on my email: brighitmohamad@yahoo.com thank you very much. the person asking my contacts to send him the money under of my name:From: brighitmoh31@hotmail.com this the message: To: michellefite31@hotmail.com Subject: RE: Date: Mon, 28 Feb 2011 17:36:18 +0500 Hello, Thanks for getting back to me i want you to know that i have been having a problem with this transaction at the bank because i was told that there is no such transaction available at this moment so i don't know if there is a mistake somewhere so i will like you to crosscheck very very well and get back to me with the following details needed below: First Sender's Name: last Sender's Name: Full Sender's Address: MTCN No: Text question: Answer: Regards, Hoping to read back from you as soon as possible ...Anonymous
February 28, 2011
Have had the same problem here. Had an account years ago for MSN, but closed it when I moved on. For the past five months, I have had people I know contacting me to complain about my old account spamming them. They are demanding that I do something about a Hotmail account that I am locked out of and that MSN will do nothing about. How am I being held responsible for something that I can not change? and I can not access staff at MSN who will delete the account? Sure, spam filters work, but it still chews up resources and is a waste. Delete these spam accounts.Anonymous
April 17, 2011
I believe you are here to meet nice people. I will like to be your friend. My name is Gift, Please if you accept me please contact me with this email (SONIAemmedy@hotmail.com). You can write to me anytime.Anonymous
May 03, 2011
The comment has been removedAnonymous
June 17, 2011
Been getting bounce backs myself, but nothing was ever in the sent folder. I couldn't close the email thanks to Games for Windows Live (I'd lose access to my games) so I was forced to send everyone an email on my list to block me and open a new address and pretend the Hotmail one doesn't exist (unless of course I am logging in to play my games). A shame since I had it for almost 10 years.Anonymous
July 15, 2011
I have been compromised as well, except guess what? They didn't change my password. I don't know why. But I am unable to change my password! I can't even go to the link to change it, or reset it, or send it to an alternate email, because if I get there, in less than 2 seconds the page redirects itself to a different page, but hotmail related. I am afraid this person is talking to my contacts, or emailing them, maybe even going through my emails, and it bugs me!! Please help guys I am really afraid right now!Anonymous
August 29, 2011
I had a similar thing happen. I installed Thunderbird and added all my gMail accounts using the default settings. I did not however add this Hotmail account to Thunderbird. Strangely my Hotmail account spammed all my contacts, but what is most odd is there is no evidence they were sent using my Hotmail account. I got about 2 dozen bounce notices to my old contacts. Here's my theory: These eMails are not actually sent from my Hotmail account, but somehow during Thunderbird install my gMail messages were intercepted and the email addresses of all my contacts were harvested. Then they spoofed the headers and faked that they were sent by my Hotmail account. Thoughts?Anonymous
November 15, 2011
I have read this article with some interest as the same thing happened to me. I hardly ever log into my Hotmail account but when I did recently there were Delivery Status Notification (Failure) messages in my inbox and spam messages sent to my contacts in the sent folder. I don't use POP to access this account and had not used it for some time. How did someone gain access? I have no idea. I've done the usual checks for worms, spyware and so on and nothing suspicious found. I've enabled https and changed to a strong password - not that the old one was weak. I'm certain that the account was compromised by methods that were beyond my control.Anonymous
November 16, 2011
How do we recover from these situations. My account has been blocked after I changed my password. I have yet to hear back from MSN on how to remedy that. Do any of you have any ideas?Anonymous
November 28, 2011
The comment has been removedAnonymous
December 08, 2011
My hotmail account has been blogged and urgently need accesss to my emails, plz help, . jen9alderbury@gmail.comAnonymous
January 02, 2012
My hotmail was compromised - the message was to open a video or photo, which did not open. Also only noticed it after messages of returned mail. I did say that it looked like spam and reported to MSN. (now says 'Do you think the sender was hacked' and I said yes. A day later my account was suspended with a link to a get a code to verify and requested a change of password. I hope OK now. I don't recall being on any site requesting password, but I did use WIFI with my phone... IS it the WIFI? Am going to delete all my contacts now just in case...Anonymous
August 21, 2012
What does one do after it is hijacked?Anonymous
August 26, 2012
This has happened to me..today...and I have NO clue what to do??!!! Can anyone helP?Anonymous
April 25, 2013
account hacked, locked out, waiting over a week, i WILL PAY $19.99 for hotmail plus or whatever to get back in ASAP. i re-requested to reset the account now about 3-4 times and its been 3 weeks in total that i have been locked out. How much do i need to pay to get into my hotmail account ASAP?? Jeff 415-992-7688 please call or email me at J.goldman@dunhillworldwide.com From: Microsoft Account - Unmonitored Automated Email [mailto:unmonitored@microsoft.com] Sent: Friday, April 19, 2013 12:06 AM To: j.goldman@dunhillworldwide.com Subject: We have received your Account Recovery Request for mrjeffgoldman@hotmail.com Thank you for contacting Microsoft Support. We have received your Microsoft Account recovery request for mrjeffgoldman@hotmail.com. Your issue number for this request is 85146244. In order to help you as quickly as possible, your previously submitted issue 84895978 has been closed. Once we have reviewed the answers you submitted we will update you on the status of your request at this E-Mail address. If we can verify that you are the account owner you will receive a link to reset your password. Please note that it can take up to 24 hours for us to review the information you submitted. Thank you, Microsoft respects your privacy. To learn more, please read our Privacy Statement <privacy.microsoft.com/> . Microsoft Support Team Microsoft Corporation One Microsoft Way Redmond, WA 98052 USAAnonymous
November 29, 2014
The dates of my received emails are totally wrong saying from more than 20 years in the future and the menus look like Arabic, how do I sort it ? all tips appreciatedAnonymous
June 20, 2016
I went to login to my hotmail account and it was gone. I typed the password and it opened the Outlook site. All my current e-mails are gone . It has nothing of my records. Where is my hotmail emails???