Dear Mr. Mrs.
To home is my concern from couple months ago some one has my e mail
address stolen and I dont know haw I can report for this till some one
till me about this web Sid and my email address was ******@hotmail.com
and my password is 123456 please give me an answer as soon as you can
you can call me ###-###-####
With the exception of the obviously removed information, this is a
question exactly as I recently received it, sent to my personal email
Now, set aside the fact that this email is clearly written by a
non-English speaker; that’s very common, as the site is visited by
people from all over the planet.
There are several very serious problems with this email
that I want to make sure you never, ever duplicate.
Can you see them? One of them is absolutely frightening.
First, let me give the answer I gave to the questioner:
You can try the instructions on Windows Live Hotmail’s What to do if you think your account has been stolen page.
Now, I’m not hopeful, and you’ll see why in a moment, but it’s worth a shot.
What’s wrong with this scenario? Let me count the ways.
I did not obfuscate the password above. This persons actual password was “123456”. My first reaction? No wonder your account was stolen. This is absolutely frightening.
A couple of months? Perhaps within the first few days of a theft you stand a chance, but after weeks, or months my belief is that things are pretty hopeless.
She gave her password to a total stranger. Yes, that stranger was me, but she doesn’t know me, and has no clue on how trustworthy I may or may not be. She contacted me using a different Hotmail account, but given her abysmal choice of password for the first account there’s a very high likelihood that she kept using the same password for the new account, or one just as easy to crack.
She gave her phone number to a total stranger. Once again, me, but still it’s clear that even after having her account stolen privacy and security lessons have not yet been made apparent. (And no, I’m not calling her – that’s just not something I do.)
So, after all the fault finding I’ve just indulged in, what can you learn from this exercise? How can you stay secure?
Let’s just turn each of my concerns around:
Use a strong password. Always. No excuses. Keep it safe, and share it with no one.
Act quickly if you suspect that your account has been compromised. Use the resources available to act on your situation as quickly as possible. Hotmail users have http://windowslivehelp.com/ specifically for Hotmail support and discussion.
Keep your private information private. Don’t go throwing your phone number and most certainly not your password to just anyone in the hopes of getting help. There are too many people out there who will abuse your trust and cause you more trouble.
I honestly don’t mean to make fun of or shame the person with the original problem – in fact, I responded to her well prior to posting this article, not expecting her ever to return to my site anyway. My hope is that by pointing out the deep flaws in her approach to passwords and privacy that some of you who might see even vague similarities with your own approach will rethink your situation, and take steps to keep yourself more secure.
Sadly, the other thing that’s frightening about this scenario is simply how common it is.