Have been hacked - lost access to accounts etc

Man of Honour
Joined
18 Oct 2002
Posts
8,518
Location
West Coast of Scotland
Hey, hope somebody can shine some light on this little problem for me. Not even sure this is the right place for this, so feel free to move.

My son received an email yesterday from Microsoft which asked him to change a password. Yes I know, he is 13, and made a stupid mistake :-( So tonight we started to have money taken out of the accounts etc etc. I’ve frozen the cards and notified the bank. No problem there and I’ve done everything I can. But the scammers have stolen my Microsoft/hotmail account which is proving more problematic and have apparently locked me out of it. I’ve filled out the recovery form so is it just a waiting game? The IP addresses point to the far east just out of interest
 
Called bank - important.
Do you use the same password on any other important logins or are there any important (read: financially vulnerable) accounts which rely on your hotmail account details?
 
Unfortunately yes. Lesson learnt. PayPal etc. I managed to freeze my accounts; I’ve contacted the bank and PayPal. I feel I’ve done what I can
 
It’s Microsoft. It’s saying to recover my account I need to authorise this using an Authenticator, but it links round in circles. I just don’t understand what’s going on. Problem is my son’s Xbox account is linked to my MS account.
 
They probably set up 2 step authenticator on their mobiles.

I doubt there's anyway out of it other than talking to them and ...well I dunno
 
Does anyone have a contact number for whoever I need to speak to? I’ve just tried the account recovery and that just goes in circles. They’ve obviously locked me out
 
also I can’t even kill the account because i can’t login
IIRC if you've paid for anything by card etc that can help when trying to regain control of the likes of a game account, or used to back in the Ultima Online days as suitably senior CS used to be able to see at least some of the card information which can help with account recovery.
 
Did you ever install the Microsoft authenticator app on your phone?

It prompts you to confirm a number when singing in, that's what it will be asking for (or just a simple tap approve, depends on the device signing in)
 
Last edited:
You can't add MFA to an account that you don't control. As they have control, they've presumably added their own MFA to it now.

You should have had MFA added to this account beforehand (same for anything of importance, such as banks/paypal etc). Email is arguably more important than most things due to how many things it gives access to.

Losing access to your email also means they can attempt to do a password reset for anything else using that same email/username.
 
Back
Top Bottom