Hotmail/Email Account Hacked

Okay this has been happening to me a lot lately: First my checking account somehow got hack and my measly dollars removed--bank reimbursed me. Whew!

Now, I go to log on to my Hotmail email account and it says it has been put on hold because someone is using it for spam?

When I log on at a public computer I log out and shut down when I'm done. I do use a school's wireless network though. Could this be where my account is being hacked?

Is there any software that can let me know when someone is accessing wireless networks in the area? At least I can know when it's not safe.

One more thing, should I put my codes in my computer's memory rather than signing on each time? I think this may be how they get my access code?

 

Krane, sorry to hear that -To answer you last question yes. First thing I would do is check that you do not have malware installed such as a keylogger.

 

That keylogger could have been on one of those public computers, not on the personal one.

 

I ran a full system scan last night and it came up clean.

I suspect this may be the culprit. Any solution?

 

Krane, glad to hear your system is clean, personally I never use any applications that require a password in public areas.
When you ask "Is there any software that can let me know when someone is accessing wireless networks in the area? At least I can know when it's not safe" do you mean if you take your laptop to a coffee shop (or school) and use the free wireless?

 

Yes, I could store all my passwords on my laptop but then all my access codes would be stored for the taking. A much more valuable loss should my laptop get stolen.

Yes, school's wireless network. Since my email was hacked I reported it and they informed me that they have added a secured wireless which I now use.

 

I was not advocating that, I keep mine on a USB drive that never leaves my sight. I am a bit paranoid so I do not allow IE to save passwords either.

 

A great idea that I will adopt.

As am I. Although apparently after these experiences, perhaps for good reason. I now know for sure these wireless networks are not safe.

 

Krane, sorry to hear your troubles. For use at a public computer, you can keep Truecrypt portable on a usb stick and use it to decrypt your password list file. Cut and paste into the pw blanks would defeat the keylogger. If your usb stick is lost or stolen, the theif wouldn't know your truecrypt pw so it'd be useless to them. If the public computer does grab your Truecrypt pw through the keylogger, the attacker has no way of using it short of mugging you for the flash drive.
Portable TrueCrypt / TrueCrypt Portable

Prolly a dumb question, but are you logging in to your services with https? If so, the school 'securing' the network is just meaningless reassurance by them. WEP, WPA Enterprise or a fully open network are all the sames insofar as plain text transmissions are concerned. They can be intercepted and read by anyone already on the network.

About your question on seeing other people access wireless networks. Why? Any public network will have many users. Is there someone you're specifically looking for? You can then use Snort or Wireshark but that's not really useful, they're packet sniffers.

If you're sending/receiving info that's SSL or TLS encrypted, there shouldn't be any problems unless the security camera is zoomed in on your keyboard as you log in. Good luck.

 

LaCie - Silver CooKey

I bought that one almost 2 years ago and it has been on my keychain ever since. Basically I don't leave my home keys anywhere without my supervision, therefore having my usb key on the same set is logical.

Back then 4GB model was same size as my other keys so it blends right in. Bigger 8GB was almost double length so it would have stick out like a sore thumb

 

If you were paranoid, you wouldn't be using IE to begin with? If you're using IE, you're the opposite of paranoid. Unwary? Take that as a compliment.

 

I don't really believe in using public computers. I suppose if you have to use a public computer, you could use PortableApps on a USB thumbdrive, or if you have access to the boot order, you could boot from USB and run Linux off a thumbdrive - probably the safest and best idea. Microsoft is talking about the same idea with Windows 8, and we might know more by the end of the month, although much like the next Xbox locking out all used games, I don't fully understand how it will be done.

 

I hear you I am sure many here would call me clueless, but I run a small PC support business from home and have yet to run into anyone who did not want to use IE, so I have tried to learn as much as I can about securing it. (we are talking people with 12 tool bars and 3 inches of usable browsing space calling me at 5 AM and forgetting I told them to press F11) LOL

 

Sometimes there is no choice. Especially when you need to access your email accounts.

Any suggestion on how I should go about correcting this problem? Should I just abandon the account altogether? So far I cannot even log onto Hotmail website from my computer. Every time I try to enter it to the website it goes off line? It as thought Hotmail is a bad word to the browsers. When I attempted to uses an alternate password it keeps insisting it doesn't "recognize" my password.

 

Krane if you have nothing crucial in that Hotmail account, I would ask them to close that account forever, and either go with another free service.
I have an email account for online banking, etc with my ISP , and use a 'bogus' netzero account for entering contests, or anthing that I consider non essential.

 

Another thing to watch out for: Anyone with a WiFi card can host a wireless network and name it "X-UniversitySecondFloor". Many people could connect thinking it was the school's network, however it could actually someone's personal laptop sharing an internet connection with you.

Then it's almost as if your handing a password to a friend and asking them to login for you. Except this person is probably not your friend.

 

I would do just that if I could connect. But for some reason my system won't allow it.

I will try to connect using another computer and let you all know how it turns out.

Thanks all!

 

When forced to use a public wifi connection, make sure to use a (free) VPN.
There are quite a few free ones available, one is f.i. Hotspot Shield.
It's ad-supported so perhaps a bit 'in-your-face' but it does allow you to connect over an encrypted connection.

 

Does hotmail have a "Last Account Activity" thing like gmail which lists the access type, IP's and time of access? That might help in narrowing down where the breach took place, or at the least when/where the person is logging into your hotmail from.

 

I don't know, and can't get past my trepidation to find out. I tried to connect with an alternate email but they asked so many personal questions that I terminated the link.

They wanted to know about credit card transactions, topic history etc. With the way the climate is now, I'm not giving anybody other than my bank or workplace that much information.

I guess it's time for me to review all the warning in dealing with these accounts. When I first opened it, none of this was a big deal.