• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 649
  • Last Modified:

Hotmail repeatedly Hacked

I have a Hotmail account which I use for a lot of my communications due to convenience.  Lately, it has been getting hacked on a regular basis.  I change the password every time, but it's happened at least a few times in the last two months.

Basically it sends out mass email spam links to all of my contacts from my account (not a spoofed reply-to message).  As these are friends, family, and business contacts, this is embarrassing and I would like to put an end to it and hopefully retain this email account.

This happens when I am not on any of my computers.  All of them have anti-virus software installed.  Am I leaving some sort of door open for these attacks?

Thanks in advance!
0
chrisyano
Asked:
chrisyano
3 Solutions
 
athomsfereCommented:
Are you using a strong password? Something like Pa55w#rd instead of password.

Are you using wireless internet?

What AV / malware scanners have you used to verify your machine is clean?
0
 
Paul MacDonaldDirector, Information SystemsCommented:
Possibly.  Have you run a rootkit detector on your personal machine?  Have you considered using a different machine for a while to see if the problem goes away.

If I were in your shoes, I'd be less worried about my HotMail account and more worried about my bank account (if you do any finanical work online).

How certain are you the headers aren't just being spoofed?  Does the hacker change your HotMail password?  

Do you have another e-mail address you use for password recovery at Hotmail?  If so, is that still correct at HotMail?
0
 
chrisyanoAuthor Commented:
According to Hotmail, each successive password is "Strong".  I do use wireless internet but on secured networks (ie, password-protected routers).  My PCs all have either AVG or McAfee running.

Admittedly, the scans may not be up to date on my McAfee machines because these are work machines and they take forever and slow down the machine.  Unless this is an indication of a virus?

I do have a Macbook Pro, which runs Parallels (also with AVG).  The Mac side, however, is not secured as running AVG for Mac caused too many problems with other devices.

Thanks!
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
chrisyanoAuthor Commented:
@paulmacd

I don't know much about rootkit detectors, but I am open to trying that.

As for financial work--I check those fairly regularly and haven't had issues to date.

I'm not 100% certain about it not being a spoofed header, however, the emails do seem to be generated from my account (there are "sent" messages in my sent mail folder).

The password recovery email addresses are still correct.
0
 
Paul MacDonaldDirector, Information SystemsCommented:
A rootkit (a low-level hack of the operating system) won't show up with a typical antivirus scan, so I advise running something like Rootkit Revealer (http://technet.microsoft.com/en-us/sysinternals/bb897445) or its ilk.

Also, if you can just use one machine or the other for a week or two to see if the problem disappears, that will go a long way toward determining if the problem is machine specific.
0
 
chrisyanoAuthor Commented:
@paulmacd

I will run the one you linked.  

Unfortunately, there are two machines that I must use for work purposes (each serves its own purpose in my business), and the third is my personal laptop which gets some usage as well.  That makes using only one machine for a couple of weeks basically impossible--unless you are referring to internet usage only.
0
 
Paul MacDonaldDirector, Information SystemsCommented:
I mean only access HotMail from one machine.  If the hacking stops, that machine is probably not a suspect.  Move on to another and try it for a while.  If the hacking still doesn't repeat, it's likely the last computer is the issue.
0
 
chrisyanoAuthor Commented:
Oh, OK.  I can limit Hotmail to one PC without too much difficulty.  In the meantime I will be running those rootkit detectors on two PCs and perhaps my Macbook's Windows as well.
0
 
madunixChief Information Security Officer Commented:
Change passwords regularly and use strong one and always use different passwords for different services (facebook, yahoo, twitter, forums...)
0
 
chrisyanoAuthor Commented:
I am currently running the rootkitrevealer on one machine.

@madunix
I do change passwords frequently, but I will admit that I use a handful of them for multiple sites.  Thing is, it seems only Hotmail gets hacked so I haven't been all that worried about the others to date.  Thanks for the input.
0
 
chrisyanoAuthor Commented:
Thanks.  I am going to post my results from the Rootkit Revealer once it finishes its scan.  So far it doesn't look like any issues, but I will repost another question with a fresh point award for more help.

Thanks!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now