Has your Hotmail Account been Compromised or Hijacked?

I have been noticing a rash number of people, using Microsoft’s Live Hotmail service, where their accounts are being compromised. What I mean by that, is that their account has been hijacked (accessed) and is automatically generating (sending) spam email to everyone in the account owners address book.


For example, several parties that I know personally (this week) had their account hijacked, and unbeknownst to them, everyone in their address book started receiving emails that contained nothing but a link to an unknown web site.  Many of these sites, if clicked on, are not reputable sites and may contain a malicious payload that could infect your computer.

If you have a Hotmail Account and you are a victim of the tactic, as I have described, there are several things you can do:

Immediately change your password in the Hotmail options. The “options” section is very tricky to find due it is partially  camouflaged with an advertisement. On the top right side of your Hotmail account you will see the link to “options” and most likely a vertical advertisement banner. To close the advertisement banner, go to the bottom of the advertisement and you will see an “X” to close it.  Once that has been accomplished, you will see a small arrow next to the options link. Click on the arrow and you will see “more options”.  Click on “more options”.  You should now see numerous account options, with one being the option to change your password. While changing the password, I suggest you place a check next to the option where Hotmail will prompt you to change your password every 72 days. Make sure you use a strong password.  What is a strong password?  Go to this site [ HERE ] , type in the password you intend to use and the site will tell you how long (in terms of time) it would take someone, with a computer, to crack the password.  The longer the time, the better.  For example I tested a password that would take 11 years to crack.

Also, under your Hotmail options, visually check the “automated vacation replies” and “personal email signatures”.  If you see anything suspicious, delete the suspicious content and click “save”.

If your account is of big importance, and you have been hijacked, I suggest deleting your Hotmail account. Prior to doing that I would move (export) my address book to a file (.csv) that you will save to your computer.  The link to “export” your address book is under the Hotmail “options”.  Next,  go to wherever you plan to set up your new email account. Once it is setup, import your contacts from the file you saved on your computer, into the new account.  After you are satisfied, go back to your Hotmail account, delete all of your contacts, then delete your Hotmail account in its’ entirety.

To close a Hotmail account, go into options, click on “Account details (password, aliases, time zone)”, and at the bottom of the page you will see “Close Your Account” under “Other Options”.

If you want to know if I use Hotmail? I do use it, but only as a low priority email service. I am very concerned by the number of people I am seeing on their support site where accounts are being hijacked left and right.  Folks, the solution to this is one important thing, especially if you are using a web mail service.  Change those passwords, change them often and make them difficult.


jaanix post to jaanix

Bookmark and Share



28 Responses to Has your Hotmail Account been Compromised or Hijacked?

  1. techpaul says:

    Excellent article, Rick. It seems that it is Hotmail’s turn, but I would like to say to your readers that the advice here is just as important – and applicable – to any webmail/messaging service.

    … whenever I write a passwords article, my ratings plummet. But I write them anyway because they are our primary security and privacy tool. They are very much like your ATM’s PIN number, yet people seem to think i=of them only as a “hassle”.

    • Ramblinrick says:


      Keep writing those “password” articles… It is the primary element to protecting oneself when using any web mail service. We all become complacent; and, you know as well as I do, complacency will get you no where. I have been telling my friends that if they do not change their passwords, they will eventually become a target; no getting around it.


  2. pochp says:

    My first email nightmare was with Hotmail. It was what made me lose trust in Microsoft altogether – it seemed it didn’t care about saving my account while it was still posible. I might have made a weak password but the bottom line is helping save my account when there was still hope. Makes us wonder why the latest Hotmail version which I use as backup like you seems so secured by MS now doesn’t it? 🙂

  3. Ramblinrick says:


    I had a very good Tech friend point out to me in reference to this article, “that we must remember, these web mail accounts are FREE”. Therefore, the suit of armor is thin and it is our responsibility to toughen up that suit of armor. Every person I met with that experienced their account being hijacked were using very weak passwords. I cannot stress enough that the passwords have to be ironclad passwords and changed often. As always, I look forward to your insightful comments.


  4. jr says:

    I’ve noticed this for over a year now. The links that go back out on their mailing list is usually a Viagra site, so I imagine that is a joke. Is Hotmail doing anything about this? Giving advice on locking down the email list would be good for them. As the cloud continues to pull services into their control in an attempt to prevent malware, maybe this is one for them to tackle.

    • Ramblinrick says:


      It is no joke… If your account, unbeknown to you, is sending out links to viagra sites, then your account has been compromised and you should change your password (for a starter). Those links being sent out, as I experienced in helping others with this issue, often were to malicious websites. If you start receiving emails from a friend with nothing but a link in the body of the email, then it is most likely their account was hijacked and compromised.


  5. J Davis says:

    I loved the ‘how secure is my password’ site. I came up with one that would take 28,000,000 years to crack!

    My hotmail account was hijacked and I lost all of my contacts. Unfortunately Microsoft locked me out of the account and his been no help whatsoever! I set up the account years ago but couldn’t remember the answers to their security questions do i just abandoned the account. I hated to lost those contacts many of which I have lost forever. Thanks microsoft!

    • Ramblinrick says:

      J Davis,

      I have seen others experience what you have went through. I have found that you will have little luck with Microsoft Hotmail support actually providing support. Count it as a lesson. Also, change the password often and make it a hard password. I also recommend Gmail (by Google) and use their double verification method to login. Virtually impossible to beat that.


  6. Lona says:

    Great article, Rick. However, I have another problem. I can sign in into my hotmail with my current password but I can not change my password as in the options it is invalid?!?
    Any suggestions?
    Appreciate your help.

  7. John Slevin says:

    Change your security questions / answers to something impossible to guess and write them down (not on the computer). Don’t use stuff that can be guessed like “Favorite person from history – Thomas Edison”. No matter how good you think that stuff is people can use trivia knowledge to guess them and even personal family names can be found on the internet these days. A strong password is useless if someone can use the forgot password function to reset it by guessing your security questions.

  8. Lam says:

    I am very experience in IT field, over 30 years experience, and very careful on security issue. like anything else, something is out of your control, Things finally happen and it is big, 15 years valuable emails and contacts all gone, the recovery tools is useless. like talking a simple robot can only understand 2 -3 sentances, the rest is no answer, no 911 call for more help. often, MS partner or sponsor are also shutdown all the negative comment.

  9. Jon says:

    when i log into my hotmail account, it starts with yesterdays position i.e. the emails that I have read from yesterday are unread, those that I have deleted are still there. then a series of actions take place, eventually leading to a screen for a new email. If I then click on inbox, it has updated to todays email. This happened a few weeks ago and eventually my account was hijacked and sent out spam. I changed my password, ran malwarebytes and norton, and this stopped happening. Now it started again and I changed password etc. Yesterday it was ok but now it is happening again. Has anyone experienced this problem or got any ideas how to fix it

    • Ramblinrick says:


      My Dad, big hotmail user, recently has been experiencing some weird results, as well. Using Firefox, his inbox would load; however, none of the links would work where he could open the mail. I ended up using CCleaner to dump his browsing cache on his computer and it seemed to resolve his issue. I do believe there are some problems going on. I also find that Hotmail is susceptible to hijacking. I just know too many people where their hotmail accounts have been compromised. I use hotmail as a secondary (non-important) account and change my password monthly.


  10. charles haddad says:

    Dear officials
    I cannot sign in to my hotmail account because microsoft has blocked it i cannot change my password use a new password or and hotmail live id

    I don’t have an email address that I can receive info from you it does not let me in
    i don’t have an email address its blocked does not work anymore
    it’s blocked by microsoft

  11. gerry vandyke says:

    Please get me my hotmail account back….gerryvandyke@hotmail.com without scamming me for money Hotmail. There is no way somebody hacked my password. It was way to hard. I notice you guys are offering to fix it at $38. Is this how its going to be ???

  12. Tanya says:

    I was sending some people in my contact list a greeting for the holidays and to my surprise found some email addresses in my account that I have no idea how they got there. I was very angry becaue they ALL were based on chatrooms for nude chicks, singles chat rooms, sex stuff and the like. How does that happen when I have never open such links? Very puzzled.

    • Ramblinrick says:


      With online email accounts, change your password frequently. It is very frustrating, as you have experienced to find that someone has compromised something that we hold personal. Thank you for sharing this experience with the readers here.


  13. Oh, please help me! I teach elementary school and , would you believe, THIS is the most frustrating thing I’v ever encountered. My Hotmail was hacked and bogus money requests and going to to my contacts. The password is changed and when I request to reset it, the mobile ph and alternate email addresses are changed. When I try to prove I am the owner, they aren’t satisfied with the info I can provide for previous subject lines, old passwords, etc.
    Is there anyway to close this account? I don’t want my contactsa hassled.

  14. L M BEE says:

    NEVER USE the “keep me logged in option”. It is very misunderstood by most users.

    The hotmail hijack problem is the result of the recent live mail / hotmail option to “keep me signed in”.

    By selecting this option – you are kept signed in at all computers where you have physically selected this option – anywhere in the world – even after you log out of hotmail, even after you shut down the computer and even after your trip is over and you return home to your own country, home and personal computer.

    What a STUPID Option. What a security nightmare. It may be the reason for the spate of hijacked and hacked mail accounts. Microsoft blew this one.

  15. Abby says:

    Is there any way to check if I am logged onto my Hotmail account on more that one computer?

  16. Suzanne says:

    Once your address book has been taken, you can change your password every day and not stop the spam from your address. The emails generated from my email address are not really coming from my email address. They are coming from mcsjh@cox.net. Microsoft servers can tell that my email address is being spoofed, but they don’t do anything about it. Customer support referred me to their forum, where other folks are complaining about the same problem. Honestly, I don’t understand why their servers let these emails through.

  17. dc says:

    This happened to my friend’s hotmail account today. she said after she found out her account was sending spam emails, she logged on to her hotmail account and it prompted a message and said your account has suspicious activities, please change your password. Without seeing the screen myself, I am wondering if that’s a ‘fake’ screen from hacker or is that something hotmail does when it noticed suspicious traffic…have you heard of it before?
    and THWG!

    • Ramblinrick says:


      Yes, hotmail will prompt for a password change… What I would do is go to my hotmail account, log into the account; then log back out of the account; then log back in. Once back into the account, go into the settings and change the password.


      • dc says:

        Hopefully her computer doesn’t have any crazy virus with today’s incident… that will be tough to help resolve from Ga when she’s all the way up in NYC! =)

  18. jo says:

    This post was not good for me.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s