Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

Could the Microsoft Servers be Infected?

by Leo A. Notenboom

It's tempting to blame the mail service for account hacks and vulnerabilities, but in fact that's rarely the case. Much more likely is that hackers gained access to individual accounts through more traditional means.

I tried to help someone whose computer had been infected by the Nimda worm. After the computer was disinfected, and before my friend even used that computer again, she complained that all her contacts (in her Hotmail Contacts list) suddenly started getting virus attachment emails which appear to be sent from her Hotmail account — even though she wasn’t using the previously infected computer — and wasn’t sending them anything. She is sure the other computers she is using are well-protected and “clean”. I had advised to her close the Hotmail account — but, nevertheless, it’s hard to believe the Hotmail servers are this vulnerable — and if they are, how can she be sure she won’t have this problem with another Hotmail account? There are additional issues — but first, I want to be sure this is really the root of the problem at this point: an infected account on the Hotmail server.

Hotmail definitely has its problems, but this probably isn’t one of them.

While someone’s got a virus, it’s not Hotmail/Outlook.com. And it’s probably not you.

But it might be someone you know.

Become a Patron of Ask Leo! and go ad-free!

Mail programs versus mail servers

First, realize that Outlook.com (Hotmail’s replacement) isn’t running mail software like you and I run. Outlook.com, and other mail services, run custom software that is tuned for being mail servers – for collecting and delivering mail on behalf of customers. The “address book” that you see on screen is most likely stored on the Hotmail servers in a custom and undocumented format that would be near impossible to reverse engineer without direct access to the Microsoft data center. None of the current sets of viruses would have a clue as to what to do with it.

That brings up another argument against Hotmail being hacked: for many, many reasons, I’m sure that Microsoft and Microsoft related servers are some of the biggest targets for hackers on the planet. You can bet that these are some of the best secured servers in existence. From industrial strength firewalls to totally secured and locked down data centers in undisclosed locations, Microsoft servers are exceptionally well guarded.

Finally, if there were any kind of a security breach or problem, you know that Microsoft would be all over it as fast as is humanly possible – taking the service down if necessary to protect its customers.

So, no, I don’t believe Outlook.com or Hotmail has been hacked, or has any kind of infection.

If not Outlook.com, then where?

So where’s the mail coming from?

It’s much more likely, and in fact very common, that another PC belonging to a regular computer user has been infected with a virus. In fact, I’ve seen some incredibly high estimates of the numbers of infected machines that are sending out spam and viruses. One of the things that these spam-sending zombies do is fake the “From:” line on the email that they send. It looks like it came from your Hotmail account, but in fact it came from somewhere else entirely. A quick look at the details of the mail header usually confirms this.

I’ve discussed this at length in an earlier article “Someone’s sending from my email address! How do I stop them?!“.

The bottom line is that there’s actually little to be done other than, as you have already, make sure that your machines are protected and scanned regularly for spyware and viruses making sure that the scanners are up to date, using a firewall, and using common sense with a liberal dose of skepticism.

23 comments on “Could the Microsoft Servers be Infected?”

KH

May 11, 2006 at 9:26 am | Reply

“Finally, if there were any kind of a security breach or problem, you know that Microsoft would be all over it as fast as is humanly possible – taking the service down if necessary to protect its customers.

So, no, I don’t believe Hotmail has been hacked, or has any kind of infection”

I very much disagree with you. Hotmail finally admitted/confirmed that there was indeed a security breach and that someone had hacked into my account and was using my email address to send viruses to everyone in my contact list as well as any email addresses contained in messages in my inbox/folders. While my virus protection is updated, I have scanned my computer using the program suggested by MSN (nothing found), I have changed passwords and secret passwords on the account many times and have emptied out my entire hotmail account (contacts/messages). Despite this, messages are still going out several times a day to everyone (not just my contact list) – I know this because I am receiving the bounce backs from servers which have rejected the virus attachments as well as bounce backs from no longer valid addresses. I have been trying for three days to close the account entirely so that people at least will get a message saying the account is closed so people will know I have tried to take some action. Very serious breach – not just a random attack. I have since switched to gmail.
Leo

May 11, 2006 at 6:56 pm | Reply

Your account being hacked is NOT the same as the HotMail servers being hacked.
Jeff

January 4, 2007 at 2:04 pm | Reply

I do not know who is right, I do not want to argue with whom, I just want to get solution.

I have same problem as KH, even if I have not used
my Hotmail account for a couple of days.

It keeps sending some email to my contact list.
It is pretty buging me.

Do you guys have some solution or suggestion?

Thanks
Dan V A

March 11, 2007 at 1:12 pm | Reply

I keep getting an error message which keeps me from opening up email. But only on hotmail. I do not think hotmail has been hacked, I just can not open my email in my email account.

Dan [phone numbers removed]
pm

May 18, 2007 at 1:37 am | Reply

1,600 personal emails in my hotmail account somehow recently “appeared” in the account of a boyfriend. How could this possibly have happened? They had no physical access to the computer (it was another friend’s computer that I was using when this happened). My mind is blown away! Is this hotmail’s fault?
dlw

July 27, 2007 at 8:50 am | Reply

I disagree also about hotmail servers possibly vulnerable to attack, only because I do not believe in coincidences. Just this a.m., I tried to access hotmail and my av program told me there was a virus but it had been stopped before getting to my pc. (My acct. was open, but none of the mail was open) A scan revealed nothing, thankfully. Yet later the same morning, when I tried to even open hotmail, the server was suddenly unavailable. In 4 yrs of using hotmail, I don’t remember a server for them ever being down when I tried to access it. Not to say it hasn’t happened, just not to me. Now all of a sudden, just after my protection tells me somesthing’s amiss, the server mysteriously goes down… I don’t believe in coincidence.
Gloria

July 28, 2008 at 9:41 pm | Reply

I have had a hotmail account for years been usding it signing on this account many times, but when I go to sign now everything is in error and I know it is the right username and password but I am not told it is invalid, why?
Karen

October 8, 2008 at 11:18 am | Reply

I tried to log into my email last night and it said my password was incorrect. I log into my account every day, multiple times a day and I know my password. I have no way to get it reset because I never set up any security questions. I sent Microsoft an email on the help site and am waiting for a response. However, from reading these boards, it looks like there are other people that have had this same problem.
Jenny Wrenn

December 16, 2008 at 4:36 pm | Reply

My hotmail account problem is not from those spamsters imitating my “from” email but something else that no one seems to have mentioned yet. An ad to buy computers has invaded my email and pops up in my “send” or “reply” modes. I can delete it but it comes back. I can’t tell if it is tacked on to my emails but I suspect that. I downloaded the html code but this tells me little –just that the code has become imbedded somewhere. Microsoft hasn’t acknowledged my complaint. I won’t use hotmail to send emails anymore. I’ll use another account.
Dorothy Lynch

March 2, 2009 at 9:55 am | Reply

every time I pull up my email an icon appears telling me a virus is trying to get in the “back door”. What do I do? I have full coverage with the AVG security system & it says no virus detected. Yet feom time to time an email gets through with x-rated title (which I do not open, I delete it.
Jay

February 1, 2010 at 9:19 am | Reply

my mail keeps sending a message off of contacts. every time i turn my pc off then on a message is sent that i didn’t send.
joanna smith

February 8, 2010 at 10:32 am | Reply

I have recently been recieving delivery statis notifications that say it has attatchments, well I am not sending these and it has been sent to everyone in my contacts. It has attatchments for advertisements for various product, especially medications. I have run a scan and know I do not have a virus. How do I stop this from happening?
Al Foster

February 14, 2010 at 9:12 pm | Reply

for the second time and email was sent to various email address of mine says undelivered. Also advertisement for Vagra and other drugs attached. This is the second time with in 1 month…. Help please…. and thanks…
Al Foster

February 14, 2010 at 9:16 pm | Reply

For the second time in about 1 month I have receive the statement … that unable to deliver .. old address and even some of persons I dont know… HELP PLEASE…..Thanks
salmon

February 20, 2010 at 2:49 am | Reply

I had the problem with the hotmail virus which send email to all in your contact list & then it deleted all my contacts! Thereafter I received very rarley e-mail. what the do is they change your junkmail settings, all your emails go straight into the junkmail because only e-mails from your contact list (which is now deleted by the virus!) go into your inbox. They also change the settings that alll your junkmail are deleted straight away!!! Therefor I got alsmos to e-mail!

Please spread the message to check your junkmail settings!
Dennis P. Habern

March 18, 2010 at 9:24 am | Reply

As of yesterday, I have lost the capability to
delete unwanted messages. I can still receive
and send messages, but when I send messages, it
takes at least 1 minute for the computer to
complete the transaction. When I attempt to delete
a message, a computed generated message comes
across the the screen and indicates this:

“There was a problem with windown live Hotmail
Service (a temporary network connectively issue
that has nothing to do with your computer).
Please try again.

In addition, a few weeks ago, I received an
e-mail message request, appearing to be from
Hotmail, asking for all my persnal data. I
refused the request. Therefore, could this be
the same person that initiated the personal
info request, that has the capability to now
cause the problem in which I cannot eliminate
unwanted messages?

Thank you.

Sincerely,

Dennis P. Habern, Msgt, USAF, Retired
Louche

May 18, 2010 at 9:24 am | Reply

The answer is obvious. She uploaded an infected file to her hotmail account while it still had a virus on it. Happened to me, too.
britney jones

November 28, 2010 at 4:05 pm | Reply

Leo you evidently do not know as much as you think. When you said it isn’t the hotmail how do you explain my hotmail account sending out virus laden emails to all my contacts while the power was out to the house and the computer was off due to an ice storm. With no battery back up and the power completely off emails were sent from my hotmail account. So of “GREAT ONE” explain that.

No problem – someone has hacked into your account, and logged in from their working computer to send out that malware and spam. This is happening A LOT right now – yours is not the first report. The Hotmail servers themselves have not been hacked.

29-Nov-2010
linda kincaid

March 2, 2011 at 11:08 am | Reply

I’m having trouble reading my emails. I pick unread emails but it still doesn’t let me read what the email says. Help me.
Dana Karl Hall

May 5, 2011 at 6:11 pm | Reply

Hotmail/Live Mail mainframe computers have been hacked since early April 2011. I reported this significant breach to Microsoft, including the identification of the hacker. Microsoft gave me a new Hotmail email address, much like the old one. Microsoft is working quickly to correct this major problem affecting all Hotmail/Live Mail accounts.

You sure it wasn’t just an account that was hacked? Giving you a new Hotmail address is just opening up a new account. I’d have to see a lot more proof before believing that the Hotmail servers have been hacked.

05-May-2011
Helen Butts

May 10, 2011 at 8:09 pm | Reply

when i sign into my hotmail ,a page comes up telling me my hotmail account has been cancelled due to perhaps a hacker sending spam in my name.as of now i have no hotmail account and have no idea what to do about itplease help.by the way the spam is still being sent to all my contacts .

That’s this article: What are my Lost Hotmail Account and Password Recovery Options?

10-May-2011
Was Hotmail

March 19, 2012 at 7:03 pm | Reply

I believe the Hotmail server is infected. My account has had the computer equivalent of AIDS for months. I opened a gmail account and no problems with it. I wiped out all my contacts in the Hotmail account and it started juse sending spam to me. When I changed the name in my profile frrom my name to MSN Hotmail virus the spam started comming from MSN Hotmail virus. I will never trust Hotmail again.
Angela J.

May 8, 2012 at 3:15 pm | Reply

Help! I just got an email that says it’s from the “Hotmail Customer Service” saying that they are switching the servers over to new servers & that my email will be deleted if I don’t update my info. I was suspicious, so I did a little research. But came up blank. What do you think?? Here is a copy of the email—

Welcome to Hotmail.
Windows MSN Hotmail is faster, safer than ever before and filled with new ways to stay in touch. Due to increased spam and phishing activities globally, a DGTFX trojan virus has been detected in some of our servers. Your email account server will be upgraded with our new secure 1024-bit RSA key anti-virus firewall to prevent damage and spread of the virus. Click your reply tab, fill the columns below and send back to us for confirmation of the upgrade or your email account will be terminated to avoid spread of the virus.

* User Name:……………………………………..

* Password:……………………………………….

* Confirm Password:……………………………

* Country Or Territory: …………………………

Note that your password will be encrypted with 1024-bit RSA keys for your password safety.
YOUR DETAILS WILL NOT BE SHARED.

Find out what else is new or coming soon to Hotmail.
* You are receiving this message from Windows Live because you are a valued member. Microsoft respects your privacy. To learn more, please read our online Privacy Statement. For more information or questions regarding your e-mail account, visit Windows Live Hotmail Help.

Microsoft respects your privacy. Please read our online Privacy Statement.
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA  2012 Microsoft Corporation. All rights reserved.

I tried calling Microsoft on the issue as well, but they don’t give Hotmail help over the phone. Any help will be appreciated. Thank you, Angela

The message you’ve received is a common phishing scam. You should ignore and delete it. You will not lose your account. This article covers the topic in more detail: Is Windows Live Hotmail about to close my account?

09-May-2012

Mail programs versus mail servers

If not Outlook.com, then where?

Related Posts

23 comments on “Could the Microsoft Servers be Infected?”

Leave a reply: