Dear Mr. Mrs.
To home is my concern from couple months ago some one has my e mail
address stolen and I dont know haw I can report for this till some one
till me about this web Sid and my email address was ******@hotmail.com
and my password is 123456 please give me an answer as soon as you can
you can call me ###-###-####
With the exception of the obviously removed information, this is a
question exactly as I recently received it, sent to my personal email
Now, set aside the fact that this email is clearly written by a
non-English speaker; that’s very common, as the site is visited by
people from all over the planet.
There are several very serious problems with this email
that I want to make sure you never, ever duplicate.
Can you see them? One of them is absolutely frightening.
Become a Patron of Ask Leo! and go ad-free!
First, let me give the answer I gave to the questioner:
You can try the instructions on Windows Live Hotmail’s What to do if you think your
account has been stolen page.
Now, I’m not hopeful, and you’ll see why in a moment, but it’s worth
What’s wrong with this scenario? Let me count the ways.
- I did not obfuscate the password above. This
persons actual password was “123456”. My first reaction? No
wonder your account was stolen. This is absolutely frightening.
- A couple of months? Perhaps within the first few
days of a theft you stand a chance, but after weeks, or months my
belief is that things are pretty hopeless.
- She gave her password to a total stranger. Yes,
that stranger was me, but she doesn’t know me, and has no clue on how
trustworthy I may or may not be. She contacted me using a different
Hotmail account, but given her abysmal choice of password for the first
account there’s a very high likelihood that she kept using the same
password for the new account, or one just as easy to crack.
- She gave her phone number to a total stranger. Once
again, me, but still it’s clear that even after having her account
stolen privacy and security lessons have not yet been made apparent.
(And no, I’m not calling her – that’s just not something I do.)
So, after all the fault finding I’ve just indulged in, what can you
learn from this exercise? How can you stay secure?
Let’s just turn each of my concerns around:
- Use a strong
password. Always. No excuses. Keep it safe, and share
it with no one.
- Act quickly if you suspect that your account has
been compromised. Use the resources available to act on your situation
as quickly as possible. Hotmail users have http://windowslivehelp.com/ specifically for Hotmail
support and discussion.
- Keep your private information private. Don’t go
throwing your phone number and most certainly not your password to just
anyone in the hopes of getting help. There are too many people out
there who will abuse your trust and cause you more trouble.
I honestly don’t mean to make fun of or shame the person with the
original problem – in fact, I responded to her well prior to posting
this article, not expecting her ever to return to my site anyway. My
hope is that by pointing out the deep flaws in her approach to
passwords and privacy that some of you who might see even vague
similarities with your own approach will rethink your situation, and
take steps to keep yourself more secure.
Sadly, the other thing that’s frightening about this scenario is
simply how common it is.