Hotmail accounts get compromised!!

I received an email on a list and wanted to warn people:
[ad]

Dear friend,
i would like to introduce a good company who trades mainly in electornic products. Now the company is under sales promotion, all the products are sold nearly at its cost. They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you! It is realy a good chance for shopping.just grasp the opportunity,Now or never!
The web address: http://www.nekcn.com

Seems this is being sent from Hotmail accounts. There are a number of ways someone could be getting a hold of your email address. According to Microsoft forums this seems to delete your email contacts and also send out this in the same time. This seems to be a new spam campaign for this one company. I would guess someone bought advertising from this company and the advertiser is doing some really unmoral things.

There are several ways someone hotmail account could be sending out these emails. It could be a [intlink id=”2650″ type=”post”]phishing attempt like they did with Twitte[/intlink]r. They could of done a dictionary attack on each account to find the password, that I why [intlink id=”2646″ type=”post”]I suggest having a password generator[/intlink]. It could of been a virus, and if that is the case you would need to [intlink id=”2205″ type=”page”]check your system out for the virus[/intlink]. I would guess it is the first two, because I am unsure of if you can have pop3 account or not. I don’t use Hotmail but people seem to be using it.

If you recieve this email, I’d email the account responsible to let them know that they have sent this.  I would also like to know if it was a virus or how they account got compromised.   Remember only you can prevent from getting a virus, nothing else works better than yourself.

8 Comments

  1. I just had the same thing happen today 4-9-09. I received an email to another domain from my hotmail account with the same message but a different site link. I immediately changed my password to my hotmail account, but when I checked later that night all my inbox and email was gone. Matter of fact hotmail says I don't even have an inbox. How is that even possible? I've had this email account for over 10 years since before Windows even bought hotmail.

  2. I just had the same thing happen with my email account today. I have had a hotmail account for about 10 years as well. I just copied my email addresses to an excel file. Maybe at least I'll have the addresses. Will that be sufficient or should I get them off of my computer?

  3. More and More, I am thinking you should just change your password. It is looking like it might be a phishing attach because Yahoo accounts are being done the same with the same website!!

  4. I immediatley changed my email password, and tried to find a way to email Micrsoft support (which I didn't expect to do any good). The only other thing I can that may have compromised my account was if I tried to allow Twitter or similar to upload all my contacts, thus exposing my login information to whoever handles that service for them. I don't know but I'm sure not going to pass out my password again regardless of any “benefit”.

    By the next day my email account was back to normal and all my mail and folders were fine. So I'm not sure if it was due to hotmail upgrading my account or what they were doing, but it's back now.

    Sorry that's not much help.

  5. It is more help than you know, I am not sure what it was all about but it sounds like Hotmail servers had a bug in them like a virus but that is what it sounds like because once your changed your password you had full control over your account again. So It might be a Cross Site Scripting going on there!!

  6. I agree it's unlikely to be spyware or a key logger stealing people's Hotmail passwords – several friends with decent AV software have been hacked. I don't think it's phishing either. I think it's a 'brute force' attack at guessing passwords – so make sure your Hotmail password is at least 8 chars long, with upper and lower case letters and at least one digit. It would be useful to know how weak the passwords are that were guessed – did any of them have digits?

    The logins all seem to be from China.

  7. I agree it's unlikely to be spyware or a key logger stealing people's Hotmail passwords – several friends with decent AV software have been hacked. I don't think it's phishing either. I think it's a 'brute force' attack at guessing passwords – so make sure your Hotmail password is at least 8 chars long, with upper and lower case letters and at least one digit. It would be useful to know how weak the passwords are that were guessed – did any of them have digits?

    The logins all seem to be from China.

  8. I agree it's unlikely to be spyware or a key logger stealing people's Hotmail passwords – several friends with decent AV software have been hacked. I don't think it's phishing either. I think it's a 'brute force' attack at guessing passwords – so make sure your Hotmail password is at least 8 chars long, with upper and lower case letters and at least one digit. It would be useful to know how weak the passwords are that were guessed – did any of them have digits?

    The logins all seem to be from China.

Comments are closed.