Well, here’s something I didn’t expect to write about – my very own Hotmail account has had its username and password accosted by spammers!
I have a very old one that I opened up years ago. I use it to subscribe to bulk mail services and use it as the identifying account for my other personal blog. Other than that, that’s it. I do have another account filtered by Hotmail but it is a vanity domain that I registered with Office Live 3 years ago. Anyhow, it is this personal one that was the issue.
I POP all of my mail through Thunderbird except for Yahoo Mail which charges me for it (whatever), and my regular Microsoft mail goes through Outlook. Since I use this Hotmail account for virtually nothing except bulk mail, I never check it. In fact, I have it as a subfolder under my vanity domain’s folder. Indeed, most of the mail that goes into that folder is spam – someone or other from the Windows Live Network that wants to be my friend. I never friend these people, of course. I just ignore them. So, whenever I get mail into the folder, I rarely check it because it isn’t mail that I want. I may have signed up for it, but if I don’t read it I won’t worry about missing anything.
So imagine my surprise when I went in there today and noticed a bunch of bounce notifications. I had a bunch of messages with subject “Delivery Status Notification (Failure)” in my inbox, and when I clicked on them they were all bounces to people in my Contacts list indicating that they could not be delivered because the mailbox was unavailable, and at the bottom of the message was a spam.
I was instantly puzzled. How did this occur? At first I thought that I had been somehow compromised by the “Here you have” spam campaign that I wrote about last week. However, I noticed the date of the bounces and the first one was Sept 4, 2010. I then decided to check into my Hotmail account (I never login to Hotmail – why would I if I am popping my mail) and checked my Sent folder. Sure enough, “I” had “sent” piles of messages to people in my address book. The messages went back to Sept 5, 2010 (that’s all that shows up in Hotmail, but the time stamp is GMT which corresponds to Sept 4, 2010) and that was all the evidence I needed. Someone had stolen my password. I immediately changed my password and since that time the delivery notifications have stopped.
This puzzles me. How did my account get compromised? I started doing the math in my head. The bounces started getting back to me on Sept 4, 2010. That was Labor Day weekend, the Saturday. This makes no sense because on Saturday, Sept 4, I was out of town. The time stamp on the first bounce is 7:10 pm. This means that some time before 7:10 pm Pacific time my Hotmail account was compromised. The hotel did have wifi, and I did use it. I definitely do not recall using this particular account for anything, that wouldn’t make any sense. This account is something I almost never use. I did not blog at all that weekend (that’s the only application I use the username and password for). I didn’t write any blog posts using Windows Live Writer from Aug 30 to Sept 10. But is it possible that the password was stolen somehow when I connected to the wifi sometime between 5:30 pm when I finished a hike and subsequently checked into the hotel, and 6:30 pm when I left the hotel to go some place else (Pilot Butte, a hill in Bend, Oregon)? It would fit the time frame as the spam started occurring about a half hour later.
That’s my current guess.