Windows Live ID hacked twice!

Richrox75 · 1 Sep 2008 at 13:17

Hi all,

I have had my MSN Passport hacked twice now. I know this is an individual and not a bot as they have contacted me.

After regaining access the first time, I changed all the alternative email address and the answer to the secret question. There is no way they could have guessed the answer as the answer was random.

Despite this they have gotten in and changed the password, alternative email and other details.

I have run spybot and am sure there is no key logger on my laptop.

Do you have any idea how they could be doing this?

Thanks in advance.

Rhys · 1 Sep 2008 at 13:20

maybe they did it first time from just guessing your password or getting it from elsewhere and then used a "I forgot my password" link on an email they got the first time?

Richrox75 · 1 Sep 2008 at 13:26

Rhys said:
maybe they did it first time from just guessing your password or getting it from elsewhere and then used a "I forgot my password" link on an email they got the first time?

But the reset password links only work once don't they?

Richrox75 · 1 Sep 2008 at 14:56

Is it possible to track someones activity through their IP address? If I set up another mail account will the hacker have any way of knowing?

Speedy · 1 Sep 2008 at 14:58

Richrox75 said:
Is it possible to track someones activity through their IP address? If I set up another mail account will the hacker have any way of knowing?

You could create a new account, but don't use your old one to send your new address to your contacts.

Richrox75 · 1 Sep 2008 at 15:00

Speedy said:
You could create a new account, but don't use your old one to send your new address to your contacts.

Yeah good point, I am being very careful about keeping the new mail id away from the existing one.

But is there a way of tracking through someone IP address what they are doing? ie, if a new web address is registered from that IP? They hinted at something along these lines when they contacted me to tell me they have control of my hotmail.

Rhys · 1 Sep 2008 at 17:19

Richrox75 said:
But the reset password links only work once don't they?

Mine worked twice :S

Richrox75 · 1 Sep 2008 at 17:48

Rhys said:
Mine worked twice :S

Thats a bit worrying! But interesting as to how he could be continually hacking and changing the password.

miker1 · 2 Sep 2008 at 01:52

Richrox75 said:
Yeah good point, I am being very careful about keeping the new mail id away from the existing one.

But is there a way of tracking through someone IP address what they are doing? ie, if a new web address is registered from that IP? They hinted at something along these lines when they contacted me to tell me they have control of my hotmail.

Try reporting them to MS - send them the "threat" and see if THEY can scare someone!

Rhys · 2 Sep 2008 at 09:12

The moral to this story is do not use a MS email account for anything important.

Burnsy2023 · 2 Sep 2008 at 09:52

I find it hard to believe that any person can gain access to a hotmail account without a keylogger or knowing your password

Rhys said:
The moral to this story is do not use a MS email account for anything important.

No, the moral of the story is to make sure you're security conscious. I've had my hotmail account for about 10 years now and although people have tried, it's never been compromised.

Burnsy

Rhys · 2 Sep 2008 at 10:01

Burnsy2023 said:
I find it hard to believe that any person can gain access to a hotmail account without a keylogger or knowing your password

No, the moral of the story is to make sure you're security conscious. I've had my hotmail account for about 10 years now and although people have tried, it's never been compromised.

Burnsy

Fair point but if you do lose control its very very hard to get it back.

stoofa · 2 Sep 2008 at 10:10

There is nothing going on here except poor computer security.
If there was a way of hacking into Hotmail accounts don't you think it would be happening all the time.
It is highly unlikely there is only one person who knows how to do it and he is doing it on a mailbox by mailbox basis.

Your password has been found out - keylogger, Spyware, bad email etc.
Get back into your account, reset all passwords and then find out what you've got running on your machine that is giving somebody your password.

peterattheboro · 2 Sep 2008 at 13:17

Our lass has had hers hacked aswell yesterday.

Went to reset the password but the secret question was in japanese :confused:

Did some conversion on the net though and found out it was the maiden name Q

Richrox75 · 2 Sep 2008 at 13:46

Thanks everyone, it's looking more and more like there is a key logger in place from these posts. I have run spybot and the laptop is a company one (work for a big corporate so all Anti Virus in place). Is there any other guidance on how to find a key logger?

I have requested a re-install of our companies windows as a precaution

Burnsy2023 · 2 Sep 2008 at 14:06

Richrox75 said:
I have requested a re-install of our companies windows as a precaution

Good call

Burnsy

Richrox75 · 2 Sep 2008 at 14:37

Burnsy2023 said:
Good call

Burnsy

But in doing this, they still back up my mails, my My Docs folder etc. Could the key logger be in here?

I understand the concept of a key logger but don't know how they work, access the targeted PC and how the hacker gains info from them. Is there somewhere I can go to understand this better?

Richrox75 · 2 Sep 2008 at 15:30

Just been browsing the web on key loggers....

If I used an online "Virtual Keyboard" to type my password into, using the mouse (of course!) and not physically typing it on the keyboard, then cut and paste it into the hotmail log on page..... This would not appear on a key logger? unless it was one which included screen capture shots too?

But it's a good easy security measure to take?

taz488 · 2 Sep 2008 at 19:20

theres a virtual keyboard in windows, why not use that?