deuce42

Anyone being asked to reset their hotmail password?
« on: January 25, 2012, 10:49:00 AM »
I am almost scarred to post this question on any sort of IT forum for fear of getting phonebook length answers that just confuse me. Any of you guys using hotmail and just suddenly being asked to reset your password?

Am wondering if there is a glitch in the hotmail system, whether I have just been hacked, whether the two previous propositions are happening simultaneously, or whether after 13 years with the same password hotmail simply got bored with me and decided to offer an inducement for me to find another email provider.


JohnRoberts

Re: Anyone being asked to reset their hotmail password?
« Reply #1 on: January 25, 2012, 11:03:53 AM »
Look up PHISHING

In general you can look at the raw data in the email to see who really sent it. If hotmail really has a problem, it will persist and they will ask you again... most phishing attempts are shotgunned (one time) looking for easy marks..

When in doubt do nothing...

JR
Don't only half-ass tune your drums. Visit https://circularscience.com to hear what properly "cleared" drums sound like.

diyfanatic

Re: Anyone being asked to reset their hotmail password?
« Reply #2 on: January 25, 2012, 11:07:58 AM »
Microsoft shut down my mailbox access few days ago because it seemed to be hacked and asked me a phone number to reset it!!
after investigation, it was not a scam but really painfull to recover.
they asked me to fill all the information from 10 years ago, plus last email adress I've sent a mail and other stuff.

worked after 3 attempts...1 week!

PRR

Re: Anyone being asked to reset their hotmail password?
« Reply #3 on: January 25, 2012, 08:46:17 PM »
> being asked to reset your password?

WHERE did you get this?

If you manually typed the HotMail URL, got to HotMail login, still on HotMail/Live URL, it could be legit.

If you got an email telling you to click to a site, it is a "phish".

January 24, 2012
"A new phishing attack is now targeting users of Microsoft’s Hotmail...."
http://www.gmanetwork.com/news/story/245533/scitech/technology/new-phishing-attack-intimidates-threatens-hotmail-users

January 13, 2012
"Have you been told to verify your Hotmail account? Did you receive a message saying that Hotmail's email servers were congested, and so they were removing all unused accounts?
"If so, I hope you responded to the email with a roll of the eyes and a quick stab of the delete button. Because if you didn't, you might have been at risk of having your login credentials stolen..."
http://nakedsecurity.sophos.com/2012/01/13/hotmail-account-phishing/

diyfanatic

Re: Anyone being asked to reset their hotmail password?
« Reply #4 on: January 26, 2012, 03:54:51 AM »
just be sure that the web page start with https:// -->s is for secured.

Kingston

Re: Anyone being asked to reset their hotmail password?
« Reply #5 on: January 26, 2012, 06:30:36 AM »
just be sure that the web page start with https:// -->s is for secured.

that's not a valid rule. phishing attacks can use https addresses.

diyfanatic

Re: Anyone being asked to reset their hotmail password?
« Reply #6 on: January 26, 2012, 07:24:00 AM »
ok I didn't knew that... :-X

PRR

Re: Anyone being asked to reset their hotmail password?
« Reply #7 on: January 26, 2012, 04:07:32 PM »
Typing "hotmail.com" actually takes me to:
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv...

It says "Live.com". Is this the real HotMail?

First you have to know that HotMail has been absorbed into a larger service called "Live.com". If you don't know that already, then the redirect from HotMail.com to Live.com is very suspicious. Google "HotMail Live" and see if they are related, or if there's trouble reports.

Note also a difference between "Live.com" and "Live.crook.com". Anybody can put "HotMail" or "Live" in front of their main domain. I see "ebay.bogus.es" and such a lot, because people are easy to fool. The main domain is the part just before the .com, .edu, .fr, .cn, etc. If that's not where you want to be, get out of there.

The "https:" in front is a maybe-good thing. What it really means is that your login will be encrypted on the wire, your neighbor can't snoop your login. But Live.com sure can, of course. So could "Live.crook.com", maybe. https also involves a certificate tracable to an authority. However such certificates are not difficult to get.

JohnRoberts

Re: Anyone being asked to reset their hotmail password?
« Reply #8 on: January 27, 2012, 11:35:18 AM »
Coincidentally I just got an official looking email this morning claiming to be from the electronic payment association telling me one of my electronic payments was rejected, and I just need to click on this link to read the report. They even attached what should be an innocent enough word document.

It took about a minute on google to determine that this was just another phishing scam to either gain access to my bank acct info, or to get me to click on some link that loads malicious code onto my computer.

It's a jungle out there... be very suspicious.

When in doubt ignore.... if action is really required they will contact you again...

JR

PS I wish they could damp this form of speech.
Don't only half-ass tune your drums. Visit https://circularscience.com to hear what properly "cleared" drums sound like.

 

Related Topics

  Subject / Started by Replies Last post
7 Replies
1997 Views
Last post June 30, 2009, 05:18:21 AM
by Rob Flinn
3 Replies
1142 Views
Last post July 01, 2010, 05:06:06 PM
by radiance
43 Replies
19491 Views
Last post October 23, 2014, 10:32:12 AM
by thermionic
4 Replies
1282 Views
Last post August 06, 2011, 01:30:35 PM
by Insomniaclown