XP-YESSSSSSS

Dell's already awesome XPS 15 gets even better in 2017

Surface table meets Windows 10

Yes, we did put Windows 10 on the original Surface table ... and it rocks

Cream o' the crop

Before buying a Microsoft laptop, check out our pick for the absolute best

Simple and secure, just the way I like it

We think Windows 10 Cloud is a great idea, here's why

uber micro

Halo Wars 2 has something for everyone. Here's our full review.

Oldie but goldie

We reviewed Microsoft's decade-old Surface table

Creators Update comin' at ya

These are the coolest new features in the next big Xbox One update (video)

Buyer's guide

The Razer Blade 14 is the best laptop Razer has to offer

Windows 10 app gems

10 terrific Windows 10 apps you should be using

Tower of power

Here's what we think of Dell's XPS Tower Special Edition

Quite a deal

Grab the complete C# coding bootcamp for $41!

Your go-to laptop guide

Introducing our ultimate laptop buyer's guide

Listen here

Attn Android and iPhone users: What you need to know about Windows phone

Old is new?

The original Surface Pro still holds its own in the 2-in-1 world

Xbox Greenlight?

No, internet, Microsoft isn't opening Xbox to all UWP games

Falling in love

HP Envy 34 review: An ultrawide curved all-in-one after my heart

2015 machine in 2017?

Surface 3 still holds its own in 2017

Let Kodi cut your cord

You should be using Kodi for Windows 10

Leader of the pack

HP's Spectre x360 15 just might be the best all-around laptop

New or refurbed?

Is a refurbed Surface right for you?

< >
Welcome to the Windows Central Forums Create Your Account or Ask a Question Answers in 5 minutes - no registration required!
Results 1 to 14 of 14
  1. Forgewizard's Avatar
    Member

    Posts
    128 Posts
    Global Posts
    563 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
       #1  
    So my hotmail account has been spoofed.
    Changed the password.
    Delved into Windows Live help, they suggest changing account to always use https for better security, EXCEPT if you have a Windows Phone!
    WHAT?
    I've had a hotmail account for several years but didn't use it much based on reports of poor security. Preferring instead to use my Yahoo plus account.
    With the purchase of my Windows Phone I sent all my contacts in yahoo to the Hotmail account when setting up the device - and now less than 2 months later my account has been spoofed and over 300 emails have been sent to individual addys as if I sent them!

    On Monday I changed my password as advised according to hotmail/windows live security suggestions. Last night I see where yet again the account has been compromised! According to MS scale the passwords I use are strong. Used their MS essential security scanner - no malware or viruses - so my security program is doing its job to protect my pc.

    Delve deeper into MS articles on spoofed/hijacked accounts and they say that scammers can use either real people or hi tech programs to read the wavy text designed to prevent hijacking!

    Once an account has been compromised there isn't much that can be done they continue!
    So what is my alternative now? The spoofers have my email handle and can continue to send spam as me. They did 333 in one day! MS says they can shut down my account because of spam being sent from my email addy! EVEN if I am NOT the one actually sending the spam!

    Use of Windows Phone prevents me from using https for more secure sign in. They say to add my cell number to get a text confirmation to increase security - but now that puts my cell number on the account - for the spoofers to see and use?

    I don't like this! This is a MAJOR security issue! NEVER encountered a security breech when using Palm devices and yahoo and now in less than 2 months with Windows phone, windows Live and hotmail I have a compromised account? :mad::mad::mad::mad::mad:
  2. aubreyq's Avatar
    Member

    Posts
    1,245 Posts
    Global Posts
    1,267 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #2  
    What happens if you select https? The phone won't retrieve the email?

    Sorry you're going through this. I use Yahoo and I never switched to Hotmail when I got my Windows Phone. Technically I do have a Hotmail account because I needed a Windows Live account for my phone, but it's kind of weird because my Windows Live account is username@yahoo.com. Crazy.
  3. thed's Avatar
    Member

    Posts
    993 Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #3  
    I have it set to always use https and hotmail on my phone works fine. Have you tried it?
    Last edited by thed; 12-01-2011 at 03:24 PM. Reason: didn't fully read OP
  4. palandri's Avatar
    Retired Moderator

    Posts
    7,589 Posts
    Global Posts
    9,915 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #4  
    If the server is hacked there is nothing a strong password or https will do to help you. They could also be sent off a clone server, making it look like you, so emails that don't do through, get bounced back to your email address.
  5. Tobyus's Avatar
    Member

    Posts
    73 Posts
    Global Posts
    85 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #5  
    Also, be sure you aren't using too short/simple of a password. Preferably at least 8 characters long and mix upper and lowercase characters with numbers and symbols to increase the difficulty of stealing it. Now, if someone is pretending to be sending e-mails as you, they really haven't got access to your hotmail account, and no matter what security measures you take, you won't be able to stop it (but that could happen to any e-mail address). It's pretty easy to send an e-mail with the "From:" populated with whatever you want.
  6. power5's Avatar
    Member

    Posts
    1,222 Posts
    Global Posts
    1,610 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #6  
    Quote Originally Posted by Tobyus View Post
    Also, be sure you aren't using too short/simple of a password. Preferably at least 8 characters long and mix upper and lowercase characters with numbers and symbols to increase the difficulty of stealing it. Now, if someone is pretending to be sending e-mails as you, they really haven't got access to your hotmail account, and no matter what security measures you take, you won't be able to stop it (but that could happen to any e-mail address). It's pretty easy to send an e-mail with the "From:" populated with whatever you want.
    Emails are going to people he knows in his contacts from hotmail. I would say they have hacked into his account.
  7. thed's Avatar
    Member

    Posts
    993 Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #7  
    Also, check the recovery settings on your account. If whoever has access to the account changed those, then it doesn't matter how many times you change the password, they can keep getting back in.
  8. welsbloke's Avatar
    Member

    Posts
    252 Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #8  
    Email spoofing whether it comes from your account or not is pretty common and once they have your name on file so to speak it is very difficult to stop. The problem now is that the mail servers need to protect themselves from spoof mail so we end up using things like spf and other tools which in turn mean legitimate mails suffer through false postives or being rejected for not obeying rules. Its a vicious cycle and no end in site.
  9. N8ter's Avatar
    Banned

    Posts
    712 Posts
    Global Posts
    717 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #9  
    Happened to my Hotmail last week. I had no idea until I checked my sent messages folder.

    My password is beyond strong.

    Sent from my SGH-T959 using Tapatalk
  10. Mike-Mike's Avatar
    Member

    Posts
    184 Posts
    Global Posts
    1,309 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #10  
    where are you talking about setting it to use https? from the mail tile? or from just going through the IE browser?
  11. martin_strahilovski's Avatar
    Member

    Posts
    263 Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #11  
    Did someone noticed that if you type too long password (25 chars), hotmail only recognize 20 chars? The rest 5 chars are here, but hotmail is working only with 20 :)
  12. jimski's Avatar
    Member

    Posts
    2,254 Posts
    Global Posts
    2,259 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #12  
    I say line the JOs up against a wall and shoot canons at them filled with real Spam. Wouldn't mind a few lead balls mixed in either.

    Sent from my HTC Surround using Board Express
  13. FriendOrDafoe's Avatar
    Member

    Posts
    192 Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    #13  
    I would Delete that account and Start up a new hotmail account. I've never had problems with hotmail security.
  14. Forgewizard's Avatar
    Member

    Posts
    128 Posts
    Global Posts
    563 Global Posts
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
       #14  
    @ Palandri:

    Yes, that's exactly how I discovered the compromised account! First alert was 86 emails received showing on my Hotmail WP7 tile. They were all returned from the "postmaster". Sent to contacts starting with the first one inmy address book and continuing down the list. In the Sent folder of hotmail 333 emails had been sent on one day!

    Regarding signing in with https the info comes directly from the options on hotmail:

    "Using HTTPS will help keep your account secure from hackers-especially if you commonly use public computers or unsecure wireless connections.
    Important note: Turning on HTTPS will work for Hotmail over the web, but it will cause errors if you try to access Hotmail through programs like:

    The Windows Live application for Windows Mobile and Nokia
    MSN Explorer

    If you only need a temporary HTTPS connection, enter "https" in front of the web address instead of "http".
    Use HTTPS automatically (please see the note above)
    Don't use HTTPS automatically

    hmmm, re- reading this - maybe there is a difference for Windows MOBILE and WP 7?
    As a user of Windows Mobile Devices in the past - my brain often equates the two. Guess I'll try to set it up as https along with other new security methods established.

Posting Permissions