Anything is possible. The more important question is, how likely is it?
There’s probably a very simple, mundane explanation here: your friend’s account has been hacked. Someone else has access to it.
It’s not that Microsoft’s servers are vulnerable; it’s that your friend’s account was.
And that’s very common.
Become a Patron of Ask Leo! and go ad-free!
Microsoft servers infected?
It’s extremely unlikely that the servers of any major online service would be hacked. Much more likely are the many ways that individual accounts can be compromised or that malware can make it on to individual machines. Most important is that you implement all appropriate security measures for your equipment and online accounts.
Mail programs versus mail servers
First, realize that Outlook.com (Hotmail’s replacement) isn’t running mail software like you and I run.
Outlook.com and other mail services run custom software tuned for being mail servers. They’re designed to collect and deliver mail on behalf of thousands, if not millions, of customers.
The “address book” you see on screen is likely stored on Microsoft servers in a custom and undocumented format1 that would be near impossible to reverse engineer without direct access to the Microsoft data center. To the best of my knowledge, no current malware has a clue how to do that.
I’m sure that Microsoft and Microsoft-related servers are some of the biggest targets for hackers on the planet. You can bet that these are some of the best-secured servers in existence. From industrial-strength firewalls to totally secured and locked-down data centers in undisclosed locations, Microsoft servers are well protected.
Finally, if there were any kind of a security breach or problem on the servers themselves, Microsoft would be all over it as fast as humanly possible. If necessary, it would take the service down to protect its customers.
So, no, I don’t believe Outlook.com or Hotmail itself has been hacked, or that the servers have any kind of malware infection.
Most likely: no malware at all
So where’s the email coming from?
By far the most common cause of the symptoms you describe is an account hack. Someone has somehow determined the sign-in credentials for the email account, signed into Outlook.com, and started sending email to the account contacts.
The only thing required is the ability to sign in to the account. That’s it. No malware involved, and certainly no malware on the Microsoft server itself. Malware may have been involved in determining the sign-in credentials, but that could have been something like a keylogger on your friend’s computer.
Or your friend’s computer may not have been involved at all. If they re-use passwords, then hackers may have gotten around to trying a password discovered elsewhere with this Hotmail account and been successful.
Still possible: malware
If malware is involved, it’s more likely that it captured the sign-in credentials as I described above, allowing the hackers to sign in to the account directly.
It’s not nearly as common as it once was, but malware has also been known to infect email programs on PCs. The malware would take control of Microsoft Office Outlook, Thunderbird, or others and send spam and malware. It’s pretty rare these days, though.
Also possible: it’s not you at all
It’s possible that nothing in your control or your friend’s control is involved at all.
Spammers can fake the “From:” line on the email that they send. It looks like it came from your Hotmail account, but in fact it came from somewhere else entirely. A quick look at the details of the mail header usually confirms this.
I’ve discussed this at length in an earlier article, “Someone’s Sending From My Email Address! How Do I Stop Them?!”
The result is your friends could be getting spam — perhaps carrying malware — that looks like it came from you, but in fact had nothing to do with you whatsoever.
Do this
Don’t jump to the conclusion that your service’s servers have been hacked.
Instead, review your own security measures. Protect your machines with good security software, and scan them regularly for malware.
Make certain your online accounts are protected with strong and unique passwords, and consider adding two-factor authentication for an extra level of security.
And of course, subscribe to Confident Computing! My newsletter helps you use technology with less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Related Video
Footnotes & References
1: Very likely in a large database using something like Microsoft SQL Server or similar.
“Finally, if there were any kind of a security breach or problem, you know that Microsoft would be all over it as fast as is humanly possible – taking the service down if necessary to protect its customers.
So, no, I don’t believe Hotmail has been hacked, or has any kind of infection”
I very much disagree with you. Hotmail finally admitted/confirmed that there was indeed a security breach and that someone had hacked into my account and was using my email address to send viruses to everyone in my contact list as well as any email addresses contained in messages in my inbox/folders. While my virus protection is updated, I have scanned my computer using the program suggested by MSN (nothing found), I have changed passwords and secret passwords on the account many times and have emptied out my entire hotmail account (contacts/messages). Despite this, messages are still going out several times a day to everyone (not just my contact list) – I know this because I am receiving the bounce backs from servers which have rejected the virus attachments as well as bounce backs from no longer valid addresses. I have been trying for three days to close the account entirely so that people at least will get a message saying the account is closed so people will know I have tried to take some action. Very serious breach – not just a random attack. I have since switched to gmail.
Your account being hacked is NOT the same as the HotMail servers being hacked.
I disagree also about hotmail servers possibly vulnerable to attack, only because I do not believe in coincidences. Just this a.m., I tried to access hotmail and my av program told me there was a virus but it had been stopped before getting to my pc. (My acct. was open, but none of the mail was open) A scan revealed nothing, thankfully. Yet later the same morning, when I tried to even open hotmail, the server was suddenly unavailable. In 4 yrs of using hotmail, I don’t remember a server for them ever being down when I tried to access it. Not to say it hasn’t happened, just not to me. Now all of a sudden, just after my protection tells me somesthing’s amiss, the server mysteriously goes down… I don’t believe in coincidence.
I have recently been recieving delivery statis notifications that say it has attatchments, well I am not sending these and it has been sent to everyone in my contacts. It has attatchments for advertisements for various product, especially medications. I have run a scan and know I do not have a virus. How do I stop this from happening?
I had the problem with the hotmail virus which send email to all in your contact list & then it deleted all my contacts! Thereafter I received very rarley e-mail. what the do is they change your junkmail settings, all your emails go straight into the junkmail because only e-mails from your contact list (which is now deleted by the virus!) go into your inbox. They also change the settings that alll your junkmail are deleted straight away!!! Therefor I got alsmos to e-mail!
Please spread the message to check your junkmail settings!
As of yesterday, I have lost the capability to
delete unwanted messages. I can still receive
and send messages, but when I send messages, it
takes at least 1 minute for the computer to
complete the transaction. When I attempt to delete
a message, a computed generated message comes
across the the screen and indicates this:
“There was a problem with windown live Hotmail
Service (a temporary network connectively issue
that has nothing to do with your computer).
Please try again.
In addition, a few weeks ago, I received an
e-mail message request, appearing to be from
Hotmail, asking for all my persnal data. I
refused the request. Therefore, could this be
the same person that initiated the personal
info request, that has the capability to now
cause the problem in which I cannot eliminate
unwanted messages?
Thank you.
Sincerely,
Dennis P. Habern, Msgt, USAF, Retired
Leo you evidently do not know as much as you think. When you said it isn’t the hotmail how do you explain my hotmail account sending out virus laden emails to all my contacts while the power was out to the house and the computer was off due to an ice storm. With no battery back up and the power completely off emails were sent from my hotmail account. So of “GREAT ONE” explain that.
29-Nov-2010
Hotmail/Live Mail mainframe computers have been hacked since early April 2011. I reported this significant breach to Microsoft, including the identification of the hacker. Microsoft gave me a new Hotmail email address, much like the old one. Microsoft is working quickly to correct this major problem affecting all Hotmail/Live Mail accounts.
05-May-2011
when i sign into my hotmail ,a page comes up telling me my hotmail account has been cancelled due to perhaps a hacker sending spam in my name.as of now i have no hotmail account and have no idea what to do about itplease help.by the way the spam is still being sent to all my contacts .
10-May-2011
Help! I just got an email that says it’s from the “Hotmail Customer Service” saying that they are switching the servers over to new servers & that my email will be deleted if I don’t update my info. I was suspicious, so I did a little research. But came up blank. What do you think?? Here is a copy of the email—
Welcome to Hotmail.
Windows MSN Hotmail is faster, safer than ever before and filled with new ways to stay in touch. Due to increased spam and phishing activities globally, a DGTFX trojan virus has been detected in some of our servers. Your email account server will be upgraded with our new secure 1024-bit RSA key anti-virus firewall to prevent damage and spread of the virus. Click your reply tab, fill the columns below and send back to us for confirmation of the upgrade or your email account will be terminated to avoid spread of the virus.
* User Name:……………………………………..
* Password:……………………………………….
* Confirm Password:……………………………
* Country Or Territory: …………………………
Note that your password will be encrypted with 1024-bit RSA keys for your password safety.
YOUR DETAILS WILL NOT BE SHARED.
Find out what else is new or coming soon to Hotmail.
* You are receiving this message from Windows Live because you are a valued member. Microsoft respects your privacy. To learn more, please read our online Privacy Statement. For more information or questions regarding your e-mail account, visit Windows Live Hotmail Help.
Microsoft respects your privacy. Please read our online Privacy Statement.
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA 2012 Microsoft Corporation. All rights reserved.
I tried calling Microsoft on the issue as well, but they don’t give Hotmail help over the phone. Any help will be appreciated. Thank you, Angela
09-May-2012
If you want to know if the Microsoft servers have been hacked, check the news. Whenever a mega-corporation’s server is breached, it makes the news very quickly.