Jump to content

my hotmail account might be hacked


Recommended Posts

today i got 18 notifications of email delivery failure of emails i didnt send has my computer been hacked and how do i fix it they all had attachments (not opened them )

Link to comment
Share on other sites

download and run Malwarebytes’ Anti-Malware see what it show ...........

Link to comment
Share on other sites

got it now just running it and will see what it says might have to run it on my other puters too

Link to comment
Share on other sites

that didnt fix it found no problems

Link to comment
Share on other sites

Have you told everyone in your address book not to open attachments from your address?


I think you need to tell people here what anti-virus etc you're running. Did you d/l any progs or open any strange attachments which coincided. Been on ant dodgy sites etc.

Most free anti-virus progs should find a Trojan. I'm on Eset here but Avira was pretty good.


If you don't get it sorted I advise you go to MajorGeeks site - http://majorgeeks.com/

Follow their standard instructions, which may sort it and if not you'll get a dedicated geek to sort you.


Only thing is, they'll only help you once if it turns out you got it downloading pirated software etc..

My daughter got one of these from opening an MSN message attch once (said go look at my photo's or somat) and MG got us through it.

Link to comment
Share on other sites

Same thing happened to me last year. There are several causes, but what happened to me was that I carelessly loaded a "fake" Yahoo site from the internet while trying to help a Thai girl locate a boyfriend's Yahoo account in the U.K. Anyway, I typed in my userid and password on this look-alike site and the phish scammer captured the information and started using my email account to send out viruses, spam, and fake shopping links to capture credit card ids.


I notified all the contacts in my email account and then, finally, got rid of the bastard by changing my email password. Good luck.

The wife and I were very happy for 20 years, then we met.

Link to comment
Share on other sites

no i havent told any one all the delivery failures were to mosty very strange email addresses all the email addresses are unknown to me im running avira came with the new computer only i have no downloaded software i am running office 2007 i got from phantip plaza a couple of years ago had no problems with it on old pc only thing i can think of is that my 14 year old grandson has his computer on this home network his connection is wifi this pc is cable connection directly to the router .will try changing the password

Link to comment
Share on other sites

Check that your windows firewall and defender are on.


I also use the free AVG anti virus software and have never had a problem with trojans or viruses getting through. I've been using it now for 18 months and I download heaps of stuff.


There have been warnings where the software has detected a potential problem but these are moved into the virus vault which you then delete.




hope this helps

Link to comment
Share on other sites

firewall and defender were on

Link to comment
Share on other sites

no i havent told any one all the delivery failures were to mosty very strange email addresses all the email addresses are unknown to me


Yes, sorry, on reflection it does sound more likely to be your MSN account than a problem in your PC.

Hpefully the password change will work, or report it to MSN?

Link to comment
Share on other sites

my knowledge of computers is limited i sort of lost interest/kept up after about win 95 lol apart from know what buttons i need to push to do the job im doing

already changed the password just reading the info on the geeks site

Link to comment
Share on other sites

is it for a Chinese computer electronics store? easy way to check open hotmail go to sent items folder


changed the hotmail password to one with a combo of capitals/lowercase and numbers and special characters #$%!#%^$#$^


happened to lots of people I know, I think its to do with keylogging your email passes


install microsoft security essentials, its a free antivirus/antispyware/antimalware from MS and got 9.2/10 compared to other programs

Link to comment
Share on other sites

  • 2 months later...

I have had a similar experience, but in my case it wasn't with a hotmail account but my normal paid for address that I have at one of my webpages.


What you need to know is that even if you get an email about delivery failure, it doesn't mean that it came from you. =/

I'm going to be a bit technical here, but, it doesn't hurt to know this. Below is a part of the header from a spam mail I got some time ago. Lets have a look at it.





Return-Path: <[email protected]>

Delivered-To: stan-somewhere:[email protected]

X-Envelope-To: [email protected]

Received: from ads-3914830ebea (unknown [])
by mailwash27.pair.com (Postfix) with SMTP id 9995926132
for <[email protected]>; Sat, 24 Apr 2010 20:45:01 -0400 (EDT)

Date: Sun, 25 Apr 2010 04:41:17 +0400

Message-ID: <[email protected]>

To: [email protected]

Subject: 25.4.2010 SALE -53%

From: US VIAGRA ® <[email protected]>

Reply-To: [email protected]


It is somewhat edited, my address is replaced with "[email protected]", allot of lines are removed as they doesn't have anything to do with the issue at hand here.


The first line we look at is the one starting with To: this line tells the mail server where to send this email, works about the same as a street address. As you can see It has been sent to "[email protected]" which incidently is make my address.


The next line we look at is From:. That is supposed to be the address to the person that send it. However that is also set to "US <Viagra [email protected]>" As I am not going to send myself spam about viagra and does not do so, we suspect this could be fake. In this case it is. Be aware that this doesn't have to be an email address, it could just be a name, in this case it is both.


The next interesting line is Reply-To: This is where the sender wants you to send your replys. Yet again it says "[email protected]". So if I reply to this email, I will simply send myself an email. This is fake to as I did not send it to start with.


These are the most interesting parts of the headers, now take a look at what would happen if the email address "[email protected]" did not exist? well an email would be sent to "[email protected]" saying that it did not work, wich in turn will generate another email saying it did not work, and so on. Luckily there are filters in place to prevent this to happen and messages like that will just deleted.


Now some mail host are getting smart, If the sender is the same the recepient some server might flag this mail as suspicious and class it as spam right away. A way around that is to make sure that the sender address is not the same as the recepient. And what is better to use than an address that works? Nothing.


This means that when these guys sends out spam about Viagra, the got a huge list of addresses to send to, they send the same mail to everyone and only change the To: address and since they don't want any replys they pick a random address from the list and puts that as Reply-To:


Now they got a huge list of addresses and in order to not get caught by filters they have to rotate the Reply-To address too, but before they do, they could have sent 10000 emails with your address in it. A few of these addresses will not work, and when they don't the email server will send a message to the Reply-To: address that there was a delivery failure. The longer time they use your address as the reply-to: address the more delivery failure notices you will get.


I once opened my email to see that I had 1600 delivery failure notices. >.<


So in order to know if you really have been hacked you need to look into one of those Delivery failure notices, but as you now know, you can not look at the line from: you have to dig deeper into the headers.


There are two parts that will give you a good clue as to where it came from, the Message-ID: and Received: lines. There can be more than one Received lines and the one to look at is the oldest one, they should all be timestamped.


So what do we do with these? well there should be similarities in them, in my case it is "ads-3914830ebea" and on the received line it say this "" That is the IP adress of the email server it was first posted on, not the same as who wrote it.


Best thing you can do is look at how these headers look when you send an email, if they are the same, or at least looks like they come from the same company then it's time to change password, if they appear to be vastly different, odds are that they just used your address. This can only be seen on an email that has been sent. You can always try and send one to yourself, but as filters sometimes thinks that is spam it might not work and it might not take the correct route, so send it to another email address, if you have one yourself perfect. If not ask someone that knows how this work to help you extract the headers from an email you sent. It does not work to have your friend reply to your email and look at the headers, in that case the will be the headers of the one that replied and not yours.


I don't use hotmail, but I am sure there is some way to look up headers there.


But most essentially, If in doubt, Change your password.

Link to comment
Share on other sites

thanks noud i have allready changed password and had no more incidents

Link to comment
Share on other sites

there was a hotmail virus lat year that send out spam and to get rid of it all you had to do was change your password.


Seemingly it knows your email password


I hope this helps

Link to comment
Share on other sites

actually same thing happend to me




nah just kidding althought it did happen to me recently


upload the text of the email anmd the address that sent it and il do the same when i get time

could be a coincedence iunno


told me to go to a google webpage to buy some cheap stuff i think

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • COVID-19

    Any posts or topics which the moderation team deems to be rumours/speculatiom, conspiracy theory, scaremongering, deliberately misleading or has been posted to deliberately distort information will be removed - as will BMs repeatedly doing so. Existing rules also apply.

  • Advertise on Pattaya Addicts
  • Recently Browsing

    • No registered users viewing this page.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.