Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Is Windows Live Hotmail about to close my account?

Question:

I keep getting this email from Hotmail - is it legit?

Subject: Account Alert
From:  WINDOW TEAM (*****@hotmail.com)
To:  *****@hotmail.com
Dear Account Users
CONFIRM YOUR WINDOWS LIVE ACCOUNT SERVICES. VERIFY YOUR
HOTMAIL ACCOUNT NOW TO AVOID IT CLOSED !!!
...

This is an old, old scam. Delete it. Ignore it. Do not follow its instructions or your account will be hacked
or your identity stolen.

Clear enough?

Apparently not, since I keep getting asked about this scam over and over and over again.

And it's not even that good a scam.

Let me walk through the many ways it's so obviously bogus.

]]>

By far the single most obvious and telltale sign that this is a bogus scam?

The English is horrible!

"This is a classic 'phishing' scam."

The entire message is littered with grammatical errors and other problems. Sure, official emails often have occasional mistakes; it happens. But an official communication from a huge U.S. based corporation is not going to be anywhere near this atrocious.

Let's look at some grammatical specifics and some of the many other tell-take signs in the part of the email we've seen so far:

  • WINDOW TEAM: There is no "Window Team". The product would be "WindowS", with an S. And email about what is now called Windows Live Hotmail would not come from the Windows Team, but from the Windows Live team - they are distinct teams.

  • *****@hotmail.com: the "From:" address, which I've obfuscated here, was obviously an email address of a random person, not a Microsoft employee. How do I know this? The email address was the classic name-digit-digit form that people use when they can't get just "name" as their email address. You think Microsoft employees need to do this? They use either official email addresses like "support" or "customerservice", not individuals, and - ironically - they don't usually use hotmail accounts to do it. Microsoft employees are typically @microsoft.com.

  • VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID IT CLOSED !!! ALL CAPS. Official emails do not use ALL CAPS this much. It represents shouting, and is considered very rude. An official business email would never use all caps to this degree.

  • VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID IT CLOSED !!! Horrible English: to avoid it being closed.

Some more tidbits from the rest of the message:

This Email is from Hotmail,  Msn and Live Customer Care and
we are sending it to every  Email User Accounts Owner for
safety. we are having congestions due to the anonymous
registration of  accountso we are shutting down some
accounts and your account was among those to be deleted. We
are sending this email to you so that you can verify and let
us know if you still want to use this account. If you are
still interested please confirm your account by filling the
space below.Your User name, password, date of birth and your
country information would be needed to verify your account.

I just can't list the many, many grammatical errors in that paragraph. It was clearly written by someone who does not speak English.

" Hotmail, Msn and Live Customer Care" - uh, no. "Hotmail", maybe. "MSN Hotmail" if this was two years old. "Windows Live", not "Live". In fact, the product name is "Windows Live Hotmail", and any official email from Microsoft can be reasonably expected to get their own product name correct.

Due to the congestion in all Hotmail ,Msn and Live users
and removal of all unused Accounts, we would be shutting
down all unused Accounts, You will have to confirm your
E-mail by filling out your Login Information below after
clicking the reply button, or your account will be
suspended within 24 hours for security reasons.

Windows Live Hotmail already has a policy and procedure for pruning unused accounts. All you need to do is login periodically, nothing more, nothing less.

* Username: ..............................
* Password: ................................
* Date of Birth: ............................
* Country Or Territory: ................

No one will ever ask you to email in your password. No one. Not ever. Never.

Next to the horrible English, this is, by far, the most glaring example that this is a scam. You're being asked to email your account login ID and password to a random email address. Don't do it. You will lose your account if you do.

After following the instructions in the sheet, your account
will not be interrupted and will continue as normal. Thanks
for your attention to this request. We apologize for any
inconveniences.
Warning!!! Account owner that refuses to update his/her
account after two weeks of receiving this warning will lose
his or her account permanently.
Sincerely,
The Windows Live  Team
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

Besides the continued bad English and bizarre spacing that's present throughout the message, this is just bogus fluff to make it look legitimate. I'm surprised that they finally got the product team name correct, but the fact that the product name changes throughout the message is another sign that whomever wrote this didn't really know what they were doing.

This is a classic "phishing" scam. It's point is to fool you into divulging your account information to someone, who can then steal your account and cause you a lot of grief.

And as bad as this one is - and trust me, particularly if you don't speak English natively, this one is really, really bad - people fall for it. Every day.

Don't be one of them.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

39 comments on “Is Windows Live Hotmail about to close my account?”

  1. Leo.. teach me English.. :)

    As many of my regular readers will be quick to point out, I’m far from the best English teacher.

    Leo
    07-Sep-2009

    Reply
  2. Hi Leo,

    I too am amazed at how easily people fall for these scams. They are so obviously not legitmate, especially the example you have here. I have seen some very good attempts at phishing attacks that have fooled staff in my company and I have tried my best to educate peoeple that bascially a big company will not email you for this type of information ever, but people get scared by the threat so easily. All they need to do is contact the company itself to verify if the email is legitimate before they hastily hit reply. i think as a rule if any email has a threatening consequence if you don’t do what it says then that should be alarm bells anyway.

    Reply
  3. How many “phisherman” do you suppose are reading and correcting their “phishing” style using your examples?

    Based on history, I’d say ZERO. I’m certainly not the first to have explained it in such detail and it’s still coming on strong.

    Leo
    09-Sep-2009

    Reply
  4. “…whomever wrote this didn’t really know what they were doing”? Try “whoever”. “Whomever” is accusative case (the object of the clause), whereas in this case the usage is nominative case (the subject of the clause) and “whoever” is appropriate. But at least it is not as bad as the common mis-usage where “whoever” (also “who”) is used as BOTH subject and object!

    You only have to read forums (not this one :-) to see that the general standard of English usage is appalling. So many recipients of this type of spam probably would not appreciate the grammatical points you make in this article. And for many recipients, English would not be their first language, and they might think that the spam is actually good English!

    Reply
  5. “whomever wrote this”???
    just goes to prove that grammar mistakes are not always proof of a scam

    Of course not. I wouldn’t claim to write English perfectly (which keeps many nitpicks quite happy ;-) – my point is the sheer quantity and severity of the horrible English in the scam. PLEASE don’t let my minor mistakes, which are inevitable, get in the way of understanding that point.

    Leo
    09-Sep-2009

    Reply
  6. One other reaction I get from my supportees when they get an email or pop-up ad like this is “OMG I have a virus I can’t use ma computer anymore until it’s cleaned up*

    As for Leo’s grammar. Cut him some slack. So what if he’s got a terminal grammar condition. He’s a techie not a grammar geek.

    Reply
  7. If you just want to dis Leo’s use of English, maybe you’ve just been phished. :-) (Sure, official emails often have occasional mistakes; it happens.) Picky, picky, picky!

    Reply
  8. this one comment gave me a good laugh;

    How many “phisherman” do you suppose are reading and correcting their “phishing” style using your examples?

    Based on history, I’d say ZERO. I’m certainly not the first to have explained it in such detail and it’s still coming on strong.

    Leo
    09-Sep-2009

    Posted by: Pat Van Dusseldorp at September 8, 2009 10:08 AM

    I’d have to agree with Leo here, because most of the scams that are sent out by “phishermen” are usually a cut / copy & paste job, into the new scam email, and just slightly modified to fit the new scam, be it your hotmail, or gmail, yahoo mail, etc. accounts
    or the:
    “pleas send me your bank account info so I can depost $1m US into;”
    scams

    Reply
  9. Microsoft is not immune to grammatical idiocy either. The one we all see all the time, and that grates on me every time I see it,is on the Control Panel Add/Remove Programs application; i.e., “Please wait while the list is being populated.” It’s either “Please wait — the list is being populated” or “Please wait while the list is populated.” Also, “populated” is kind of a weird term to apply to something that’s not a physical place being occupied by a certain number of animals or something at least organic.

    Reply
  10. Yes , a lesson in English grammar as well as scamming this week.

    Even so, would Americans do much better trying to scam Africans,Russians or Chinese..?

    Reply
  11. I get these often, but there are times i’d like to answer these ‘nut’s by entering all false information. That would give them something else to do.. but I don’t do it..
    thanks anyway
    fran

    Reply
  12. I cannot believe that anyone, even a new computer user (luser) could be so naive that they would even begin to think that this is a legit email. Just goes to show.
    How does grammar come into this? Grammar is a false construct, attempting to rigidly control that which is by nature fluid and changeable. All languages change with use, and their grammar changes also.

    Reply
  13. I know my password but I can’t open my email. It
    seems that microsoft does not recognize my email
    address. I have been using for two tears. What is the problem?

    Reply
  14. The convoluted English used gives me the impression that it comes from Nigeria, e.g., “we would be shutting down all unused Accounts”.

    Reply
  15. Thanks a mil Leo!
    I received that stupid bogus email telling me to ‘verify my hotmail account’ from a ***_*** @ hotmail . co . uk & the ‘reply’ addy was
    w i n d o w s l i v e h 01 @ gmail . com! I immediately went into the legit Windows & Hotmail sites to report them.
    In addition, I sent the ‘phishers’ a very very nasty email (couldn’t help myself!)
    Gosh, can u believe the audacity & downright cheek of these people!
    Thanks for all your help & a gr8 site! :-)

    Reply
  16. As usual Leo has it right. I have been getting these emails for quite some time. I right click on the message and get the ‘view source’ information and send to to Hotmail. They have been very proactive in closing down the email accounts associated with this phishing scam. Everyone who receives one of these emails should report it–tis quick and easy.

    Reply
  17. i was in greece for 2 weeks on holiday, i was staying with relives. A greek girl i was with got this email and thought it was real, luckaly she asked me befor sending her info. people who are not english fall for this even more…

    Reply
  18. They also mailed be @ my mailbox. Those are spoof mail. Stay away from those fake mails.

    _ _ _ _ _ _ _
    Tomy

    Reply
  19. Ok, I was really tired and taking medication so I did not pay enough attention. The e-mail seemed legit, the @microsoft and return address again looked legit. I was really concerned that my account would be closed so I went ahead and sent them the information. I should have known better, now that I think about it this would be the same scheme people would use to get your bank account and I would NEVER give them that information. So now I have a big problem. I no longer have access to my e-mail account and there is no way to contact Microsoft/hotmail that I’m aware of. Is there any way to recover my hotmail account? If not, how to I close it?

    There are several articles on the site discussing your options. Here’s the latest: How do I get Hotmail to close my stolen account?

    Leo
    15-Jul-2010

    Reply
  20. The second example of a hotmail phishing scam is exactly what I got, and I was suspicious from the start, even the email was an email I could’ve made. So I just deleted the email right away, I didnt reply, nothing. Just deleted it.
    The next day I couldn’t log in at all. I still doubted that hotmail actually disabled my account, so I asked a bunch of friends if their hotmail still works, and all of them said yes.

    So why can’t I log in when I ignored that email?

    Reply
  21. A friend /contact of mine fell for this scam and had her account and idenity stolen and all her contacts e-mail addresses were in the hands of the scamers.
    I have this Windows Live Hotmail about to close your account several times and regular scam mails from most banks, Pay Pal, Inland revenue etc since her account was Hi Jacked. My bank is clear in advising that on no account would they ever e-mail me about anything in regards to my account and would only contact me by posted mail if they needed to contact me, or by phone inviting me to call in to my branch.
    They would never ask for any details about my account unless I phoned them.
    It is worth a mention that if a persons account is hi jacked one account could give a scamer hundreds of names and addresses and for this reason always delete previous addresses and use B.C.C when forwarding a e-mail.

    Reply
  22. Leo, thank you so much for your postings, as I do appreciate them. It looks like they are becoming more and more savy with their scam approach, the email I received was very well worded and even included a signature of I suppose the head of the WindowsLive Team.

    Account Alert™(Unique ID: N002629AC843WM162)‏
    4/19/11
    Reply ▼Reply
    Reply all
    Forward
    Delete
    Junk
    Mark as unread
    Mark as read
    Delete all from sender
    Print message
    View message source
    Show message history
    Hide message history
    Show details
    Hide details Windows Live™ Team Add to contacts
    From: Windows Live™ Team ({removed}@hotmail.com)
    Sent: Tue 4/19/11 7:26 AM
    To:

    Always show content from {removed}@hotmail.com

    Microsoft® respects your privacy. Please read Carefully.

    Dear Account Owner,

    This Email is from Msn-Live-Hotmail Customer Care™ and we are sending it to all Msn-Live-Hotmail Accounts Owner for safety. We are having congestion due to the anonymous registration of Msn-Live-Hotmail accounts so we are shutting down some Msn-Live-Hotmail accounts and your account is among those to be deactivated. We are sending this email to you so that you can verify and let us know if this account is still valid? If it is,The following information is needed to verify your account: Your User name, password, date of birth and your country information.
    Click on the reply button and fill in your information:

    Full Name:

    User Name:

    Password:

    Date of Birth:
    Country:

    Characters:

    Enter the 8 characters that you see

    After following the above instructions your account will not be interrupted and will continue as normal. Thanks for your attention to this effect. We apologize for any inconveniences.

    Warning!!! Account owner’s that refuses to update there account after three days of receiving
    this warning will lose the account permanently.

    NOTE: Click Reply To Fill in Required Information

    Sincerely,

    Steve Craddock

    Reply
  23. {This is an example of a scam email this commenter received}

    Windows Live Email Alert Confirmation®
    The efficient way to do e-mail

    DEAR ACCOUNT USER,

    Windows Live Hotmail® is faster and safer than ever before and filled with new ways to stay in touch. Storage space that grows with you means you shouldn’t have to worry about deleting your e-mail, and the new calendar makes it easy to share your schedule with family and friends.

    Due to congestion in all Windows Live Hotmail email accounts caused by over 10 million inactive email accounts, there will be a phased deactivation of all inactive Hotmail® accounts: We will be shutting down all inactive accounts. You will need to confirm your E-mail by filling out your log-in information below after clicking the reply button, or your account will be suspended within 24 hours for security reasons. To do this, please click your reply button, fill in the required information and send

    * User Name:
    * Password:
    * Date of Birth:
    * Country Or Territory

    YOUR DETAILS WILL NOT BE SHARED.

    We’ll keep working on making Windows Live! the best email service around, and we appreciate your joining us for the ride.

    After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences.

    Warning!!! Account owners who refuse to update their accounts after two weeks of receiving this warning will lose their accounts permanently.

    Sincerely,
    The Windows Live Hotmail Team

    * Take your e-mails on the road. Go mobile
    * Chat with your Messenger friends from your inbox or download Messenger

    Microsoft respects your privacy. Please read our online Privacy Statement.
    Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA © 2011 Microsoft Corporation. All rights reserved.

    wow they are really getting better at it this one almost got me thanks for your help

    Reply
  24. i am Argentine and friends get me this, written in English, excuse my spelling errors

    HOTMAIL ACCOUNT CLOSURE ALERT™‏

    05/07/2011
    Responder ▼
    Windows Live™ Team
    Agregar a contactos

    Los datos adjuntos, las imágenes y los vínculos de este mensaje se han bloqueado por motivos de seguridad.
    Mostrar el contenido | Mostrar siempre contenido de mujahidsyed47@hotmail.com

    Add Contacts | Explore Windows Live | Edit Profile

    Dear Account User,

    You are advise to verify your account details below to enable us upgrade your account. E.G Your Hotmail ID, Password, Date Of Birth etc.

    In failure of doing this, you will Automatically lose your Hotmail Account.

    Thanks for using Hotmail

    Account Alert

    VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID CLOSE !!!

    Dear Account User,
    This message is from Hotmail message center to all hotmail account owners and premium account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused Hotmail account to create more space for new accounts.

    To prevent your account from closing, you will have to verify it below before One (1) Week from now!

    VERIFY YOUR HOTMAIL ACCOUNT NOW TO AVOID CLOSE !!!

    Hotmail ID:……………………………

    Password:………………………

    Your Birthday:……………………

    Your Country or Territory:………………..

    Warning!!! Account owner that refuses to update his or her account before One week of receiving this warning will lose his or her account permanently.

    Sincerely,
    The Windows Live Team

    Reply
  25. [Sigh] I guess “they” have read your article pointing out where they went wrong…

    Oh, and – on the subject of “bad English” – [coff, coff]
    “another sign that whomever wrote this ” is exactly that. “whom” (or “whomever”) is the object. In THIS case you should have used “whoever”, as the subject.

    Correct useage would be, e.g., “I can send it to whomever I want”, where “I” is the subject of “want”.

    If followed by a verb, it should be “who”, if by a noun, “whom”.

    “Whoever” and “whomever” likewise.

    Oh, and – in the next sentence – “It’s point is to fool you.. “, the apostrophe indicates a missing letter, here, “it is”, which is obviously wrong. The possessive is “its”, as this should have been.

    Hey, Leo ! You’ve been reading too many of these phishing scams ! You’re picking up bad habits ;-)

    Erm… is this sufficient evidence that I read your article ? ;-)

    Please don’t take this to mean I don’t appreciate your sensible advice ! For which I thank you, once more.

    Reply
  26. Hi Super Leo,

    If this is a scam why doesn’t msn do something about it? I’m a novice in computers & realised this can’t be right, googled it & found your advice, thank you so much for the ‘plain english’ explanation.

    Reply
  27. I thought this was kind of fishy, so I replied asking why they would need my password and date of birth before I gave any information. I wish I would not have done that . . . anyhow, will they be able to hack into my accounts if I did not provide them with any of the requested items?

    Reply
  28. There’ll always be bad and a good people. I’ve read an article about fishing & spam. You can buy 10,000 e-mail addresses generating from aaaa0000@winlive.* to zzzz9999@winlive.* for just 100,-bucks…so it’s free! And to be afraid of, their intelligence ‘s improving! There have to be some regulations in the jurisdiction…Proving your personal identity and the address where you live should be one of the first conditions to register a domain or an e-mail account…like a driver’s license or to register a car…this may happened first with the ‘closed-friends’ countries to the US, like EU, Canada,..but similar to register every video camera, every guitar, every golden ring,…it’s simply useless to say.

    Reply
  29. Thank YOU for your information regarding “Is Windows Live about to close my acount”. I was wary, and wanted to check it out some especially since the email was asking for my DOB and passowords!!! Thank you again Leo for helping me avert a disaster!!! Keep up for great work!

    Reply
  30. LOL! You just gave all of these non-English speaking commenters more tools to write better phishing emails.

    Just kidding. But please, someone is about to close your hotmail account? Do you really care?

    I replied to that phisher and told them my grandfather was the prime minister of a West Arfican (spelling intentional) repulbic, and was imprisoned 20 years ago, and I needed their account details so I could send them all of my money and then we’d split the money when I got to safety with their help.

    Reply
  31. Even though I know these Confirmation emails are scams, they all have email addresses that are not what Microsoft would use, and of course no one would ask for your password. But I did a properties search for the incoming email and the IP address for this email came from Redmond Washington, home of Microsoft. Now how would the sent email properties be able to use the IP address from Redmond Washington when it’s clear the email is bogus. I mean really, what’s the chances the tool doing this is actually living in Redmond. It also says its a Corporate Account and it says it’s Microsoft. So not only is the email bogus, but somehow they’re managing to disguise the properties so if you check it you’ll see that it’s actually from Microsoft. Here’s what I found…IP: 65.54.190.224
    Decimal: 1094106848
    Hostname: bay0-omc4-s22.bay0.hotmail.com
    ISP: Microsoft Hosting
    Organization: Microsoft Hosting
    Services: Likely mail server
    Type: Corporate
    Assignment: Static IP
    Blacklist:
    Geolocation Information

    Country: United States
    State/Region: Washington
    City: Redmond
    Latitude: 47.6801 (47° 40′ 48.36″ N)
    Longitude: -122.1206 (122° 7′ 14.16″ W)
    Area Code: 425
    Postal Code: 98052

    It’s as simple as the scammer logging into Hotmail and using Hotmail to send the scam. Hotmail is owned by Microsoft, and its servers are identified as residing in Redmond. (Not accurate, but it identifies the server owner, Microsoft, as residing in Redmond.) The actual IP address of the person sending the email is not neccessarily included in the headers when webmail is used.

    Leo
    03-Jan-2013
    Reply
  32. I got one of these and I replied “Hay, If you ARE Microsoft live…. Then don’t you know this? Bad Spammer! Bad!” XD and i was only 14 and using my dad’s account.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.