Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

My Windows Live Hotmail contact list has been hacked, how do I recover?

Question:

My husband’s Hotmail contact list has been hacked and a phishing
paragraph was sent to them. Now it appears whenever he tries to forward
an email. How do we get rid of it?

It’s unusual that only the contacts would have been hacked into, and
it’s more likely your entire Windows Live Hotmail account has been
compromised.

Frankly, I’m surprised you still have access.

But, given that you do, there are several steps you should take
immediately, to recover from the damage that’s been caused. One of
those steps should take care of the phishing paragraph that’s showing
up.

]]>

I’m going to assume you’re using Windows Live Hotmail’s web-based interface. In fact, many of the steps we’ll take will need to be taken there.

The very first thing you should do is very simple: Change Your Password. This is so important, I’d go so far as to say do it now; before even reading the rest of this article. It’s the first step to slowing down (though perhaps not preventing) the hacker from continuing to access your compromised account.

“Remember that your Hotmail account is really your account for all Windows Live services …”

There are now several things you must change to regain total control of your account.

Start by clicking on the Options item in the far right of the Windows Live Hotmail display:

Windows Live Hotmail Options link

In the drop down menu that appears, click on More options.

On the resulting “Manage Your Account” page, click on View and edit your personal information. That will take you to a page much like this:

Windows Live Hotmail Personal Information page

The short version is that while your hacker had access to your account, they had access to everything here. If they didn’t change it, they likely could have seen important information that you might care about.

Change it.

For everything that makes sense, change it.

  • Change your password: as I mentioned above, to prevent the hacker from accessing your account.

  • Change your security question: to prevent the hacker from having changed it and using it for a password reset after you change your password.

  • Change your alternate e-mail address: to prevent the hacker from requesting a password reset to an account that he may have changed this to.

  • Change your mobile PIN, or remove your mobile number completely.

  • In billing options, consider removing or changing the payment method listed, and be sure to keep an eye on that credit card’s statements in the future.

Also review the Additional options at the bottom of this page, making sure that the hacker didn’t change permissions, marketing preferences, or anything else relating to your account.

That’s the high priority stuff, but there are still plenty of things that need to be looked at.

Return to the “Manage Your Account” page. You’ll want to double check almost every option listed on this page, as the hacker may have altered it while he had control of your account.

In particular, I’m guessing that you want to take a look at the “Personal e-mail signature” settings.

Windows Live Hotmail personal signature

As the text of the feature states, the text in your signature is “added to the bottom of each e-mail message you send”. I’m guessing that your hacker added his own personal message here, and that it’s being automatically added to every message you send. Remove it.

In reality, if your hacker has been thorough there’s a lot of damage they can do, and it can be a lot of work to re-construct your account. Remember that your Hotmail account is really your account for all Windows Live services, including Messenger, Spaces, Groups and who knows what else. While they had access to your account, they had access to all of that. And that means that they had access to any and all options relating to those other services in addition to Windows Live Hotmail.

It simply goes to underscore the importance of keeping your account safe, choosing a strong password, keeping it secure, and in general keeping your computer safe on the internet.

Prevention is so much easier than trying to clean up the mess after a problem.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

41 comments on “My Windows Live Hotmail contact list has been hacked, how do I recover?”

  1. The exact same thing happened to my Hotmail account a couple of days ago. A phishing email was sent out to my contacts. I immediately checked the Hotmail inbox and saw some returned messages that were sent out to invalid addresses. All of my contacts were erased and the phishing email had become my vacation response.

    Everything else looked OK in the account, but I did everything that Leo recommended. I stopped regularly using this Hotmail account many years ago because of the huge volume of spam.

    Reply
  2. I’m involved with IM and on mmore than one occasion I’ve been asked for my password to my hotmail/live account presumably to email their message/offer. I have always declined even though I do trust the people involved but it brings the question to mind if they can email my whole contact list how do I mail that way, without having the insanely long “mailed to” list which looks and will set off the spam police?

    Reply
  3. My hotmail account has been compromised. I cannot log in nor can I get any help from the hotmail people. Is it possible to reinstate my hotmail account or have I lost all of the contact info etc. forever? Please help. You seem to be the go to person for all problems. thnx.

    If Hotmail has been of no help, I know of no way to get the account back. This is one of the many reasons I so strongly recommend agaist free accounts for important stuff.

    Leo
    08-Apr-2010

    Reply
  4. Leo
    Great radio show by the way.
    I have been suspecting for some time about my Win Live mail being compromised. Last week I received an E-M from a friend in Cancun, Mex warning me to be cautious with my messaging & e-mails; He said that He could see my conversations and E-Mls. Am I doomed? Do I continue using MSN / Win Live site?
    What’s at risk? What did actually happened?
    Did my friend compromised his account & in return He was thrown a “hook” from a hacker, hoping he would grab it?

    No idea. Your friend would have to describe better exactly how he can do what he claims. (And I don’t have a radio show. Different Leo Smile I’m Leo Notenboom.)

    Leo
    12-Apr-2010

    Reply
  5. Just happened to me. Thanks for the article I have done everything you suggested.I guess I always knew the password was weak but didn’t do anything, now it is strong and I will change it frequently.

    Reply
  6. I have been turning in circles since my hotmail was hacked I have applied your suggestions and will wait for further outcome. THANKS can’t be said any better.

    Reply
  7. Can’t get into hotmail account. It has been taken over, tried to contact hotmail to obtain person to return my email account. I think person has changed all my information since I’m not receiving message from my alternate account. Need help on next step.

    Reply
  8. please inform how i can recover my send emails i didn’t delete my self. so please help how i can get back i need all. waiting for your reply

    Reply
  9. how i can recover all my send emails in windows live so please help me in this issue i need all mails back in same folder so please inform me, this emails i didn’t delete my self i think some one hack this account i change my password, so please help in this matter kind regards.

    Reply
  10. I heard that this had to do with a breach in Facebook. It’s happened to some other folks I know. Your contact list is used to distribute e-mails about on-line pharmacies.

    Reply
  11. cant recover/get into my hotmail emails – wont let me change password etc and just keeps coming up with Error 999 – no help from windows live etc – just dont know what to do, so extremely upset and annoyed

    Reply
  12. Yesterday my account sent out a spam mail for some laptop.I myself never open links from that type of mail let alone send it. Today I was on for a lil bit then when I went back I could no longer get in.It was saying wrong password ugh. I want it back!

    Reply
  13. Hotmail account was hacked and everyone in my contact folder has received an email about how I’m overseas, flat broke and to please send money. I no longer have access to my Hotmail account as the hacker has changed the password. I’ve initiated the account validation/password recovery process but how will I know if and when problem is resolved. Should I just consider this email account toast and get on with my life?

    If you don’t hear anything from Hotmail in 48 hours or so, then yes – in your shoes I’d consider the account lost forever.

    Leo
    28-Aug-2010

    Reply
  14. I just went through the whole email password recovery thing with Hotmail and thought I was out of the woods. But the hacker address keeps coming back in and force forwarding my email. Have deleted it twice but still comes back. What can I do?

    My guess is that you changed only your password. That’s not enough. Please read: Is changing my password enough? (Short answer: no.)

    Leo
    24-Oct-2010

    Reply
  15. Hello Leo. Thank the lord for saints like you to help the less computer able muppets like myself out there.
    I too think i have had my Hotmail compromised; lots of undeliverable messages in my inbox made me check my sent messages and shortened links to sites selling viagra were sent to all in my contact list along with other contacts that are not in my list.
    I have now changed all the details outlined by yourself and are now waiting to see if this has rectified the problem.
    Is there anyway the Hotmail staff can help with this issue? I know alot of it comes down to regularly changing your passwords which many of us don’t do quite as often as we should, but i am sure that Hotmail could see who is hacking its users and more than likely can see how they are doing it and therefore advise us of counter measures in response. The very least they should do is alert us to the problem. As far as i can see it is only a problem suffered by Hotmail users. It may be free but would you pay for it???

    You can try contacting Hotmail customer service, but in all honesty from what I hear from people I wouldn’t expect much help.

    Leo
    05-Nov-2010

    Reply
  16. My email account has just been hacked and some friends have been sent spam emails from “me.” I’ve followed all your advice above, but I’m worried that the hacker will now have access to all my online memberships to things like online shopping sites and supermarket accounts etc because I’ve used the same password for everything. Do I need to change my password for all my other accounts as well (like facebook, amazon etc)?

    Thanks

    I would strongly recommend that you do so. This is one reason why having the same password for everything is such a bad idea.

    Leo
    14-Nov-2010

    Reply
  17. My hotmail account was hacked today. They have changed my password and secret question so I cant get in and change anything. They sent an email to all of my contacts asking if they could send 500$. I responded to them from a different email account and they have given me details of a person to send money to via western union funds transfer so I am off to the police to see if they can do anything but they didn’t help me so can you please do some thing for me. I have alots of emails from him or her that send me to my gmail account and I can send you as a prove if you needed for making sure that is my email account and please do some thing for me.

    There’s nothing I can do. Please read this article which discusses your recovery options for the various ways that Hotmail accounts can be lost or compromised: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    17-Nov-2010

    Reply
  18. Strikes me that either Hotmail is an unusually easy system to hack, or, more likely, it hasn’t been hacked at all, but that these sufferers have managed to acquire one of the multitude of viruses that spread through email and address books. If nothing other than reports of spurious ads seems to have happened, then I am more suspicious that this is in fact an infection, not a hack. That reports of this kind are becoming so prevalent is one reason I will never rely on a purely web-based email system. I have always used a dedicated, protected, email client (currently Thunderbird) with a proper email account, and I have never had this kind of problem.
    I would suggest that, as well as carrying out all the recommended actions of password changing etc., sufferers also run a full deep-scan virus and malware check.

    Reply
  19. I am disgusted to find that someone has accessed my hotmail address book and sent the following advert to everybody in my address book: How to protect my hotmail contact list

    Reply
  20. not one antimal or antivirus or what have you i used found anything…..one at leasst said it would only check wind live…no others what good are they then

    That’s because an email account hack as described in this article is typically NOT a virus or malware. Rather it’s a hacker simply gaining access to your account.

    Leo
    02-Dec-2010

    Reply
  21. I am in my email, trying to change everything you said, but the hacker has added an “unique ID” (which is listed directly under my windows live ID in the manage account tab) and it won’t let me change it. The hacker also added an email for password reset and I tried to look it up on yahoo and they’re saying that ID hasn’t been taken yet. Are there any other options? And yes, I changed my password a few days ago. Thanks in advance!

    This article discusses recovery options for the various ways that Hotmail accounts can be lost or compromised: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    04-Dec-2010

    Reply
  22. I read this and changed my settings. Thanks for the help! I have a question about my contacts though. Whenever I send an email to a group of people from my contact list, a couple of sex email addresses appear on there too. But when I look on my cantact list to delete them, I can’t find them. Is there anything I can do about it?

    Reply
  23. Leo,
    Most hacked Hotmail happens not because their password was hacked but because the hacker sends an e-mail to the user that comes from a friend or contact persons they knew. Obviously this wont be picked up by spam filters nor does it look suspicious if it comes from someone you know. Once the e-mail is opened, it contains a worm/virus that not only gives the hacker access to your pass word, but attacks the users contacts directory. Once hacked, it sends out an e-mail to everyone in your contact list putting your e-mail address as the sender so your friends think you are sending them an e-mail. Little do they know the e-mail is from a hacker and the worm has now hacked into their e-mail account. MSN has done noting to help this spreading problem. I have been hacked twice now this time the hacker gained access to my Google accounts and it has created a nightmare for me. My suggestion DO NOT TYPE IN ANY CONFIDENTIAL INFORMATION IN ON ANY INTERNET SERVICE. Keep it off the net if you want to stay safe.

    Reply
  24. My situation is the same as Sherion’s , above. When I start a “new” email and click the “To” button to have the abbreviated contact list pop up, at the end of the list are several “adult” entries. But when I click on “Contacts” on the left-hand bar, the entries don’t appear, so I can’t delete them. A couple of new ones have turned up recently, too. How can these be removed? Will a professional be able to “scrub” them out of my hard drive? Thanks —

    When they’re displayed simply down-arrow to select one, and then press the delete key. Repeat for all offenders.

    Leo
    14-Oct-2011
    Reply
  25. My Hotmail account was closed and I’ve lost all my contacts. But on my other computer I came across this file of contacts with a ’windowslivefile’ extension. Is there any way of accessing these since I think they are the email addresses of my lost contacts.

    If you can help it would be greatly appreciated.

    Reply
  26. Leo, I’ve now found a solution to the hacked Contacts list. In the abbreviated “Contacts” list that pops up when I start a new email and click the “To:” button, I had found “Adult” contacts added to the end of the list, and I couldn’t find any way to delete them. Finally, I noticed that in the Hotmail left-hand sidebar under “Messenger,” there was a message, “3 invitations.” I clicked on that message, and was taken to a screen that showed several “friend requests” and below those, several “invitations” to join “Groups.” Lo and behold, those groups had the same names as the bogus entries on my abbreviated Contacts list! And when I clicked to refuse the invitation, hooray, they disappeared from the abbreviated Contacts list! (They had never shown on the contacts list that appears when you click the sidebar option.) After refusing all of them, I went into my Profile (click on Profile in the upper right-hand corner of the screen, right under your name and beside “sign out.”) I changed my profile options to the most private settings, and I hope that will prevent future unwanted appearings.

    Reply
  27. So if your account has been hacked, why would they use your contact list alerting you of the breach? Why not just browse through your emails (many of mine had files attached) and get the info they are looking for. Since I have my emails saved every time I send, they now have my password list, financial records, resume, etc. This is the worst thing that could have happened. Are there some hackers that just go in and steal your contact list. Between when I found out that I’d been hacked and changing my password, it had been several hours. That would have given them lots of time to browse. I’m praying they didn’t get anything that can harm my credit or identity.

    Reply
  28. @Wendy
    It might be a good idea to contact your credit card companies and inquire if there has been any recent activity on your accounts, block those cards if necessary and change any passwords that you may have on those lists.

    Reply
  29. I read the answer above, but for me I could not access to mail inbox or option,, just show that me user name and password are correct but I could not access to my page

    my blocked email is {email removed}

    Reply
  30. @Hussein,
    You might want to know that posting your email to a live forum like this greatly increases the spam you get, and also your likelihood of being hacked. Getting your email back is going to be difficult, and along with that it would be good to learn some basic safety tips as taught regularly here in Ask Leo!

    Here’s a great article on that:
    Why shouldn’t I post my email address in a public forum?

    Reply
  31. My account has also been compromised. Details:

    25Apr2012: WinLiveEssentials updated to 15.4.3555.0308. WLM client Version 2011 (Build 15.4.3555.0308).

    01May: Received mail from my own address, sent to my address plus 2 contacts. This item was in INBOX and in SENT ITEMS. Unlike my legitimate sent mail, the item’s FROM field is empty.

    09May: Received another mail from my address, to my address and same 2 contacts, plus one non-contact address that I emailed on 03May. This item was in INBOX only, not SENT ITEMS.

    Each item’s content was a link; the 2 links were similar but different domains – both contained “…/blog/wpcontent/themes/…/likeit.htm?…”; both links’ text appeared to match the target address.

    I changed my account password after the 09May incident; I could not find any indication that anything had been altered. I have also deleted all contacts. None of my other WLM accounts has been affected AFAIK.

    As was mentioned in the thread, it seems unlikely that someone with malicious intent would send out emails to advertise his activities.

    FWIW I’ve used WLM since 2009 without apparent incident. The timing raises suspicion that the 25Apr WLE update could be a factor.

    Anyone else with similar experience?

    Thanks,
    CC

    Your live.com email account was simply hacked, and yes this is happening a lot. Changing your password and all password recovery information is the right thing to do.

    Leo
    09-May-2012
    Reply
  32. Leo, thanks for the fast reply to my 09May post. I’ve done a bit more digging since I posted and I don’t believe the items were sent from inside my account. As I said, the 2nd item doesn’t appear in my outbox – I suppose a hacker could have deleted it – but the first item has different property details than my legitimate outgoing mails. They all start with FROM:…, TO:…, SUBJECT:…, DATE:… etc. Above those fields in the bogus message I see MESSAGE-ID:…, CONTENT-TYPE:…, X-ORIGINATING-IP:… and then FROM, TO etc.

    To me this strongly suggests “spoofing” rather than hacking?

    Of course that leaves the question of the additional recipients. I now realize that the 2 TO addresses in the first email were the only 2 adresses I’ve mailed from that account since 03Mar2012. The 2nd email added the one additional address I emailed on 03May. IOW, the targets seem more likely to be derived solely from my outgoing mail rather than my contacts list, although I have no idea how that could happen.

    Sorry if I’ve gone a bit off-topic here – I thought the additional details might be of interest to others…

    CC

    Reply
  33. My account must have been hacked – everyone in my contact list received a spam email from me. Now my account is locked and a strange email address is listed in the drop down “how do you want to receive your code”, how do I get my account back?

    You may not be able to. This article, already on Ask Leo, discusses recovery options for the various ways that Hotmail accounts can be lost or compromised and I believe applies in your situation: What are my Lost Hotmail Account and Password Recovery Options?

    Leo
    06-Jul-2012
    Reply
  34. Your live.com email account was simply hacked, and yes this is happening a lot. Changing your password and all password recovery information is the right thing to do.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.