From time to time, I get asked about what to do if your Hotmail account credentials are stolen and is being used to send out spam. Here is a paraphrased response that someone from the Windows Live Safety team said on an internal thread, but it applies to anyone.
Here are the general steps we recommend to recover a compromised account:
If the account owner can still log in to their account:
- They should immediately change their password.
- They should also set up an alternate email address (Options->Account Settings) to help verify that they are the account owner.
If the account owner is locked out of their account:
- They should first try a password reset (http://windowslivehelp.com/solution.aspx?solutionid=bf5d34bf-db28-44ca-ac9a-93838d81b2d6)
- If that fails, the user needs to go through a process to validate that they are the legitimate account owner (https://support.live.com/eform.aspx?productKey=wlidvalidation). Answer the questions as completely as possible, but if you really don’t know some of the answers it’s okay to put “I don’t know” \.
The account owner should also run a malware scan on all the computers they use to access their account. It is possible one of them has a keylogger installed that will steal any passwords that they type.
The Windows Live Help site also has an article about what to do if your account has been hijacked: (http://windowslivehelp.com/solution.aspx?solutionid=6ea0c7b3-1473-4176-b03f-145b951dcb41).
There’s no one way that accounts get compromised. And, it’s often impossible to look at an account and say with certainty how it got compromised. In general, you can take the following steps to reduce the chances of this happening again:
- Run AV scan on all the computers you regularly use
- Pick an uncommon password
- Never respond to any e-mails claiming to be from Hotmail/Windows Live/Microsoft asking for your Hotmail password
- Be wary about logging into your Hotmail account from public computers or unsecure
There you go.