Somone is reading my hotmail....But How!

Richrox75

Richrox75

Richrox75

Associate
Joined
23 Jun 2008
Posts
23
Hi,

I know there are a few threads on here around Hotmail security weakness. I could not find one that covers my specific situation so wanted to post to see if anyone could advice me.

I know someone is reading my hotmail, as they have been passing activity info such as purchases, when I set up a new account etc to a third party. They also know when I add a new contact to Messenger.

I have changed my password and the security question on many occasions, only for it to revert back to its original within 24 hours!

I don't want to have to cancel my hotmail account which I know is the safest way.

Can anyone advice how this person may be doing this? and what I can do to lock them out?

Thanks in advance.
 
I have done, but their customer services have sent generic replies on how to change my password. They have not responded to my further questions around why my password is reverting back once changed.
 
Yeah, I expect this may be the only way. I am keen to understand what is out there that may have allowed this person this kind of access and control. So I can secure my next account ID against the same intrusion.

Just wandering what people know of
 
yeah, sure is looking like the way. But I will have to lose my mail id which is the main thing I want to avoid. Also as I don't know how this person is accessing my hotmail, they could use the same tool/process on gmail!
 
Few ways they could change it back after you've used a new password.

off the top of my head

1) the machine you are changing it on is compromised. Either through malware/worms or a hardware keylogger

2) there is a secondary email address where hotmail notifications are sent (set in hotmail options maybe) and they get the notification and a link to change back?
 
Thanks Ethics,

Interesting points. I believe my password may have been originally obtained from a keylogger on another PC I was using. However I am currently using my works PC so no one would have contact to add a keylogger? also we have antivirus so would that not have picked it up?

The secondary email address I have changed to my work one, so the snooper would not be able to access that? However I have just changed the password again and no notification mail has been sent to say the password has been changed!
 
Are you using it as webmail or through Outhose Excuse?

I would, on your next weekend off, shut the work box down, leave work, go to an internet cafe, change your password, and see if THAT sticks....and more importantly if it unsticks when you access from home or from work.
 
Richrox75 said:
Thanks Ethics,

Interesting points. I believe my password may have been originally obtained from a keylogger on another PC I was using. However I am currently using my works PC so no one would have contact to add a keylogger? also we have antivirus so would that not have picked it up?

The secondary email address I have changed to my work one, so the snooper would not be able to access that? However I have just changed the password again and no notification mail has been sent to say the password has been changed!
Click to expand...

Whilst i have no idea of your work setup or the morals of your fellow employees, this information does lean toward the fact that someone from work is the culprit.

Hardware keyloggers can be very small and discrete, plugging into the back of a machine and operating outside the scope of any software protection you might have. They may be installed for company purposes or something. Packets could be intercepted from the proxy, someone could even be reading over your shoulder. Anti virus is not, and should not be considered a fool proof solution. Someone from work could have the login to your secondary work address/user account. They may not need to be at your machine to interact with the account, it's possible to run webmail off the back of exchange. Do you have any sort of password remembering going on in IE/firefox? that would allow someone to sign on when yo uare not arround and get in via a remembered password?

*edit* i was speculating that it'd send you a confirmation mail, most do, hotmail may not, find out before you start panicing :)
 
Have changed the password and it has once again changed back!

MS support have suggested clearing the cache, would this make any difference and explain the phantom password reset?
 
If your account has indeed been hijacked, it's odd that the perpetrator is changing the password back. You would think that she wouldn't want to draw attention to herself.

Unless she's gloating? :p
 
Richrox75 said:
Interesting that no password change email has been received in my alternative email address?
Click to expand...

There is your answer. Either the alternate email address which gets notified of password change is compromised or actually point to the hackers account. Change "alternate email address" in Options, wait one day, if it doesn't change back delete any "mobile credentials" there might be and change both security question and password in the same time. Hopefully that way, the hacker won't be able to revert to original password. If you use MSN, make sure not to switch it on with new password for few days, until you are 100% certain your hotmail isn't compromised anymore.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom