Nice Post Jan. Its in Read it later for future reference

Although I'm aware of this, your documentation Is certainly well worth forwarding on to friends.
Thank you.

Thanks for the information, JMH. I WAS hacked about 3 -4 months ago (for the 2nd time, no less) and it was getting very serious. I did not want to change my email for a number of reasons, so I had to take whatever steps I could to stop the hacking. First I changed my password and secret question, but that didn't help. What did help though was to delete all of the names + addresses in my contact list. No contact list, no way of infecting the contact list. It's really a pain in the a$$ to have to go to my MS Word page (on which I copied my contact list) if I need to send an email --- but it's better than having to change my email address with all the vendors who have it and all of the websites where I routinely use it. (And I can get a lot of the email addresses I need from my inbox list, so it's not so terrible.) Oh, by the way, another thing I started doing, that is very simple, but I had never bothered to do it before, is that EVERY time I leave my email website, instead of just closing the screen, I take the time to actually log off. I think that being permanently logged on leaves you very open (literally and figuratively) to being hacked, whereas if your email url is officially closed, maybe, at least some of the hacking technology can't hack the site.

I advise anyone with a Hotmail account to follow the steps so their account can be easily verified. Screen captures of the verification options in my old blog post.

It's risky enough using full SSL secured email services (Google Mail, etc) over a public network (hotspot, etc) because if the connection drops out of secured mode, everything is in the open. It's much worse though with services that only encrypt the login then used this rand key service (Hotmail, Yahoo, etc.)

My personally policy is never to log into my emails / shop online while using a public network, as there's no way to know if someone is using a packet sniffer in the network.

Besides, I've noticed some differences between a normal and premium Hotmail account. On my free account, there is no pin option. While on my premium Hotmail account that I got from the University I attended last year-- it had a four pin security option.

Imperfect1 said:

Thanks for the information, JMH. I WAS hacked about 3 -4 months ago (for the 2nd time, no less) and it was getting very serious. I did not want to change my email for a number of reasons, so I had to take whatever steps I could to stop the hacking. First I changed my password and secret question, but that didn't help. What did help though was to delete all of the names + addresses in my contact list. No contact list, no way of infecting the contact list. It's really a pain in the a$$ to have to go to my MS Word page (on which I copied my contact list) if I need to send an email --- but it's better than having to change my email address with all the vendors who have it and all of the websites where I routinely use it. (And I can get a lot of the email addresses I need from my inbox list, so it's not so terrible.) Oh, by the way, another thing I started doing, that is very simple, but I had never bothered to do it before, is that EVERY time I leave my email website, instead of just closing the screen, I take the time to actually log off. I think that being permanently logged on leaves you very open (literally and figuratively) to being hacked, whereas if your email url is officially closed, maybe, at least some of the hacking technology can't hack the site.

Rei Tumult said:

It's risky enough using full SSL secured email services (Google Mail, etc) over a public network (hotspot, etc) because if the connection drops out of secured mode, everything is in the open. It's much worse though with services that only encrypt the login then used this rand key service (Hotmail, Yahoo, etc.)

My personally policy is never to log into my emails / shop online while using a public network, as there's no way to know if someone is using a packet sniffer in the network.

Besides, I've noticed some differences between a normal and premium Hotmail account. On my free account, there is no pin option. While on my premium Hotmail account that I got from the University I attended last year-- it had a four pin security option.

Although it is a good safety practice not to use access secure sites at such times, for times when you will be using a public computer (i.e., at an internet cafe, airport, coffee shop), with Hotmail, all it takes is clicking "request a code", and a one-time use authentication code will be sent to a private proof point (mobile phone or alternate e-mail address). By using a single-use code on a public computer instead of your password, you avoid the chances of it being stolen by key-loggers.

I also skipped adding my cell phone number. I don't use text messaging anyway. However, with the alternate e-mail address, secret question and trusted PC, there are still those options for recovering an account.