Hotmail Account Hijacked!

A Hotmail account I've been using for a little while was hijacked and all my contacts have been deleted.

The old emails are still in the account (so I can retrive any contacts I need) and I've changed the password on it but I'm not sure if this is enough to stop it from being hijacked again.

Emails were then sent out in my name by some internet shop selling cameras and IT equipment to my contact list that consisted of numerous contacts. I'm mortified but I suppose I should be grateful it wasn't some internet porn seller or something!

Anyhow this is a warning to those of you who use Hotmail and I guess and other webmail accounts, but can anyone confirm that I've done the right thing in changing the password or should I do more?

Are you sure that the account was hijacked and that there is no other explanation ? For example if you use Outlook Express or another email client rather than the webmail interface to access email then perhaps your machine got infected with a virus which sent emails to your contacts? Can you see the sent spam emails in your sent items? Have you reported the alleged incident to Hotmail? Surely if somebody hijacked your account they would change the password to prevent you getting back in?

Lauren,
the same thing happened my Yahoo account last week. My wife (who is in my contacts) rang me to say that she receved an email from the account advertising tvs etc. I logged into the account and saw a mail in the sent items that had gone to all the addressses in my contacts.

I immediately changed the password and sent a mail to all contacts apologising.

It was my own fault to an extent as my password wasn't complex, it just contained lower case letters. So I assume someone ran a password cracker against it and then automatically sent the email. I would guess it has been run against a lot of yahoo and hotmail accounts.

Hi Buddyboy

Sounds like exactly the same thing...My password had medium complexity....

Clubman...thankfully they didn't change the password. I have reported it to Hotmail. Noone else had the password and I don't forward mail to any other program. I use the webmail interface.

I don't save sent messages but have had people contact me with a copy of the email so the incident is not 'alleged'. To my embarrassment it is very real.

Its useful to create a system that makes every password different and uses a mix of uppercase, lowercase and special characters. It has to be a system that you remember, and has to be something that someone won't guess or someone you know won't guess. Best if it doesn't use words, but its nigh on impossible to remember otherwise.




Something like your or your kids favorite toys, soft toy with the same first letter as the site and use a friends phone number. So *hArRy234528!* (try this on in the password checker).

Maybe Clubman can make a sticky out of this. Passwords are very important.