Tech Support? Help!!

[ShadowRaven]

Okay, I may be a geek, but that doesn't mean I know a damned thing about computers. However, I know I have a problem. It's not hardware, it's not software, it my email account (Hotmail) It seems it's been hacked or something like and is spamming everyone on my list with something about acai berries. How do I fix it, can I fix it? or do I need to switch to a new account?

[Wombat]

Sounds like a Trojan (or possibly a Durex). I'd run some AV, delete that mail account, recreate it, run some Malware checkers, install a good mail program like Thunderbird, sit on your hands, turn around three times, bark like a seal, and buy a Mac.  :)

But seriously, its probably something nefarious. Check your programs and running processes. Something ain't right.

[monbvol]

Seeing how as it is a hotmail account you're probably going to be better off just setting up a new account.

Running the various scans is a good idea on just principle but will almost certainly not get your account back.  You could try calling hotmail tech support but I've seen snow accomplish more in the California Salt Flats in less time.

I treated my hotmail account as a throw away account and it got hacked not long ago but I was out nothing I actually cared about.

[ShadowRaven]

So then chances are reasonable there is a problem on my comp itself? That was entirely not what I wanted to hear, but it's at least good to know. I was about to pick up a new copy of McAfee on Monday anyway.

It's not like I really care about the account, i was just kinda hopeing to avoid the hassle of getting all my contacts moved over to a new one.

[ItsTehPope]

So then chances are reasonable there is a problem on my comp itself? That was entirely not what I wanted to hear, but it's at least good to know. I was about to pick up a new copy of McAfee on Monday anyway.

It's not like I really care about the account, i was just kinda hopeing to avoid the hassle of getting all my contacts moved over to a new one.

Its possible, but depending on how weak the password is, it may have simply been brute forced

[ShadowRaven]

well, I did change the password once I found out. That seemed a reasonable first step.

[monbvol]

So then chances are reasonable there is a problem on my comp itself? That was entirely not what I wanted to hear, but it's at least good to know.

Not likely but at least once a week is a good rule of thumb to run scans anyway.

I was about to pick up a new copy of McAfee on Monday anyway.

I have never been impressed by McAfee.  Ever.  It rates worse than Norton/Symantec on my list of security software and that rates pretty low.  Even the current version of AVG which can be obtained for free is better.  Though personally I've had nothing but good things to say about Microsoft Security Essentials which last I looked was also still free.

It's not like I really care about the account, i was just kinda hopeing to avoid the hassle of getting all my contacts moved over to a new one.

Even though you can get in I personally would be too weary to ever trust using that account again.

[Ajax_Wolf]

well, I did change the password once I found out. That seemed a reasonable first step.

If they hack your account, there isn't much to do about it now, because the 1st thing they'd do is copy your address book. Changing your PW will stop they from using your account again, but they have want they want the most, your address book, so they can spam other people.

[Wombat]

If they hack your account, there isn't much to do about it now, because the 1st thing they'd do is copy your address book. Changing your PW will stop they from using your account again, but they have want they want the most, your address book, so they can spam other people.

Good points there. This is why I refuse to maintain an online address book. The first (and last) hotmail account I had managed to get itself hacked and most of the folks on my address book got themselves spammed with percocet and viagra ads. I mean, seriously? Aren't enough folks out there laying around hard and unconscious?
 #P

[topcat]

People often change their passwords, but rarely their security question.  Many security questions can be answered from a quick search on Google or Facebook.  Married women almost always include their maiden names in their Facebook account, for instance, which makes it easier for old friends to find them.  However, it also gives the "mother's maiden name" answer for all of their children.  Relatives' middle names, a wide range of birthdays, your hometown, where & when you went to school and other information pop up that same way pretty easily.  If I can answer your security question, I can have your password any time I want it.

Best thing to do is to lock down your privacy settings on Facebook and whatever other social networking sites you visit (encouraging friends and relatives to do the same), then choose a security question that can't be easily answered.  Also, keep passwords and security questions for financial and work sites different from social sites (like CBT here).  They may not be able to get your info from your bank's database, but they might be able to get it from your favorite forum's.  If the answers are the same for both, then it doesn't matter where they get it.

[Fnord]

You have probably logged into your mail using an infected computer at some point. It might be yours, it might be a friends, or one at work. If you remember what computers you have used to access your mail account during the last few weeks, then you might be able to narrow it down a bit. Tell your friends/workplace to do a virus/malware scan if it turns out that the security leak was not your computer.

But first of all, simply do a full system scan of your own computer, and then change your password. It would be a real shame to change your password, simply to have it nabbed by a keylogger again. Also, change your secret question (my secret answer is a random string of numbers & letters, which I'll never be able to remember, but I have all my common password written down in a secure location (in physical form)).

[Istal_Devalis]

Honestly, it might not even be your machine that's doing it.
Someone could just be spoofing your email. 

[ShadowRaven]

There are only two computers I ever check my email from. Mine and my Brothers, So that part of things is fairly safe I think. My security questions are all nonsensical anyway. For example Q:what was the name of your high school? A:Switzerland

[Spaceman]

I had my hotmail account hacked at one time and I stopped using easy passwords. I worked to create a super-strong password. First thing I did was change my password and then email everyone that had been mailed that my account was compromised and not to follow the link. I made sure my PC was secure and then vowed to never use easy passwords again.

[ShadowRaven]

Yeah. easy passwords on most things are just bad ideas. Since the hack on CBT recently, I have made certain to go with numbers and letters.