It all started yesterday when I attempted to login to my Hotmail account after about few weeks of not login.
After after I entered my email and user name, I was redirected to a site that indicated my account have violated the Terms of Usage in Hotmail and it could be that my account was hijacked and used for spam. There was a prompter to send a one time code to my mobile but after receiving and keying in the code, I was still unable to access- got an error code 401.
From the Microsoft forums, I gathered that Microsoft is taking proactive actions to detect the compromised emails and place in verification process in place in the attempt to return back the access to its rightful owner.
If you are unable to access your account even though after you key in the code that is delivered to your mobile, do click on the “customer support” link and from there, fill up the necessary information to have an email sent to your alternative email address. You would be required to fill up information about your email account that only you would know about: such example of your friend’s email address, name a few sub folders you have, etc.
Within less than 15 minutes you should receive an email from the hotmail that is sent to the alternative email address indicating that your request have been received and would be reviewed- once the support team is comfortable that you are the rightful owner, a link would be sent for you to reset back your password within 24 hours.
I got the link to reset back my password after a few hours- and proceeded to key in my existing password and to change it. When I accessed my mailbox, I got a huge surprise that indeed in my Sent Item folder, it contained spam that was sent out from my mailbox to ALL the contacts in my email address.
How the modus can trick so many people is that the greeting is via the nickname that you use to save the email contact. For example, if you save an email address of your sister, you would indicate the nickname as “sis” so when your sister gets your email and it is written as “Dear sis”, she is bound to trust that it is from you and proceed to click on the link the email and viola- her computer may be the next one to be infected.
I have seen a number of such emails from my friends- whose email is probably compromised and I’ve never click on such email list- because the little experience I have in malware and virus tells me such emails are not sent by the sender. But the one I am sharing my laptop with had click on such email when accessing from his own email account that had resulted my laptop to be compromised.
Example of such spam emails- if you receive from even your own contact list, please ignore these emails. You may send an email to your contact to warn that his email email may have been compromised:
DO NOT CLICK ON THE LINKS IN THESE EMAILS WITH SUCH CONTENT EVEN THOUGH THEY ARE SENT FROM YOUR OWN CONTACTS:
- hey lee what have you been up to? i used to despise my job http:/somespamlink.co
- hi (friend’s email) how have you been? if you can stay home all day and be on the computer u’ll be rich http:/somespamlink.com
- hello (friend’s name) i’ve been meaning to tell you something. just got back from the dealership in my bmw http:/somespamlink.com
- hey lim how are you doing? for once i chose to be spontaneous http:/somespamlink.com
- hey (friend’s name) what’s new? i didn’t want to have to settle anymore http:/somespamlink.com
You can see that the nature of the emails can be quite dramatic and unexpected- and hence prompting your friend to click on the links.
If your friend click on these links and do not have an updated anti virus program, his/her PC may be infected.
Luckily for me, my hotmail contacts have not been updated for a while. Usually when I want to contact them, I use send them a message directly via Facebook. So a number of the emails are sent to my contacts who have since changed their email address.
Action taken by me:
1. Notify my friends that my email address had been compromised and to ignore such links. If they have clicked, to run an anti virus scan on their PC.
2. Delete my entire email contact list from hotmail account. Fortunately for me, many of the email addresses are not valid anyway. If I need to contact my friends, I would either call them or send them a message via Facebook.
3. Install Kaspersky Internet Security on both my laptops. Actually previously I’ve had the Avira free version and Spybot Search and Destroy installed in one of my laptops. However when I installed the Kaspersky free version, I had to delete off all my anti virus program (this is required by Kaspersky) and after the free version had expired, I had no time to update the licence version which I had purchased earlier. The spam email happened during this lapse.
Upon installation, I ran a full scan on my laptops and detected the HEUR virus on one of the laptops. I would probably stick with Kaspersky- because when I install for my previous boss (whose few PCs had been infected with virus), I had solved the problem and there is a peace of mind when surfing the internet with Kaspersky working in the background (but warning though, any anti virus program may slow down your PC).
Overall, even though hotmail had deactivate my email, I am still quite impressed by their quick action because it would prevent my friends from clicking on invalid links and affecting their accounts. I’ve received similar spam email sent out from people who know me and I’ve noted that these emails (sent from other free email provider) continued for a long time without them being aware of it.