My hotmail account was spoofed

[eL_PuSHeR]

Hello.

 

Someone other than me is sending spam via my hotmail account in an impersonated form.

 

I have done a thorough virus check on my computer and it came out clean.

 

I have done some reading using Google and the bottom line is that there is little you can do about it.

 

For starters, I have changed email password.

 

Any other ideas?

[DennisD]

Forgive the late reply, I was sidetracked the other day, and forgot to come back here.

 

A few months ago, all contacts in my Yahoo account began getting spam emails from me. Nothing unpleasant thankfully, and contacting Yahoo support about it was a complete waste of time and yielded one suggestion, malware.

 

I fixed it by changing my password, which is what you've done. The only other thing is a malware check, but if the password change has noticeably made a difference, then you're probably good to go.

 

I sent an email to all my contacts asking them to let me know if the spamming was still happening, and it wasn't, so the password change did the trick.

[kroozer]

I fixed it by changing my password, which is what you've done.

 

Did you guys have short passwords, like fewer than 10 alphanumeric characters?

[DennisD]

My password was 12 characters and a good alphanumeric mix.

 

Just had the one occurrence of this in 6 years with 3 regularly used email accounts, and a couple of others less used.

 

Maybe the breach was down to Yahoo. Who knows?

[kroozer]

I've read that 10 or more characters can't be cracked, so it may well have been a breach on their end.

[DennisD]

Well, I can't go making accusations I can't prove, but I was less than impressed with their reply to my email informing them of the breach.

 

They replied with very few words saying that it couldn't possibly be their fault, scan for malware. End of story.

 

In other words I firmly believe they didn't give a damn.

[JDPower]

I sent an email to all my contacts asking them to let me know if the spamming was still happening, and it wasn't

I had this happen to me and discovered the advantage of having a couple of old dead email addresses in my address book as the bounced emails gave the perfect notification of trouble

[hazelnut]

That's a good idea

[eL_PuSHeR]

My main mistake was having the same password for forums and hotmail.

 

It's a good idea to have a unique long password (mixing uppercase/lowercase alpha and numeric characters) for mail.

 

Best regards.

[Nergal]

Current belief is that even multiple alpha-numeric isn't enough, partially because of phyiscal needs of users causing them to write down their passwords and leave them in the open.

 

A favorite sentence has become a good suggestion for a passphrase, with space and punctiation it makes it very hard to crack. I use a Keyring program (I use KeePass on Windows, Keyring on Linux and Secustore on WebOS) and have it randomize all of my passwords. Sometimes this is a P.I.T.A. though with a 15 char password that has / > . * ! etc in it plus Caps and Smalls Plus Numbers (Most of my passwords end up between 50 and 120 bits )

[Corona]

If I get suspect email scams through other legit email contacts, I change my online banking password right away.