Could the Hotmail Servers be Infected?

Helping people with computers... one answer at a time.

Ask Leo! » Email » Email Providers » Windows Live Hotmail

I tried to help someone whose computer had been infected by the Nimda worm. After the computer was disinfected, and before my friend even used that computer again, she complained that all her contacts (in her Hotmail Contacts list) suddenly started getting virus attachment emails which appear to be sent from her Hotmail account -- even though she wasn't using the previously infected computer -- and wasn't sending them anything. She is sure the other computers she is using are well-protected and "clean". I had advised to her close the Hotmail account -- but, nevertheless, it's hard to believe the Hotmail servers are this vulnerable -- and if they are, how can she be sure she won't have this problem with another Hotmail account? There are additional issues -- but first, I want to be sure this is really the root of the problem at this point: an infected account on the Hotmail server.

•

Hotmail definitely has its problems, but this probably isn't one of them.

While someone's got a virus, it's not Hotmail. And it's probably not you.

But it might be someone you know.

•

First, realize that Hotmail isn't running mail software like you and I run. Hotmail, and other mail services, run custom software that is tuned for being mail servers - for collecting and delivering mail on behalf of customers. The "address book" that you see on screen is most likely stored on the Hotmail servers in a custom and undocumented format that would be near impossible to reverse engineer without direct access to the Hotmail datacenter. None of the current sets of viruses would have a clue as to what to do with it.

"... Microsoft related servers are some of the biggest targets for hackers on the planet."

That brings up another argument against Hotmail being hacked: for many, many reasons, I'm sure that Microsoft and Microsoft related servers are some of the biggest targets for hackers on the planet. You can bet that these are some of the best secured Windows servers in existence. From industrial strength firewalls to totally secured and locked down datacenters in undisclosed locations, Microsoft servers are well guarded.

Finally, if there were any kind of a security breach or problem, you know that Microsoft would be all over it as fast as is humanly possible - taking the service down if necessary to protect its customers.

So, no, I don't believe Hotmail has been hacked, or has any kind of infection.

So where's the mail coming from?

•

It's much more likely, and in fact very common, that another PC belonging to a regular computer user has been infected with a virus. In fact, I've seen some incredibly high estimates of the numbers of infected machines that are sending out spam and viruses. One of the things that these spam-sending zombies do is fake the "From:" line on the email that they send. It looks like it came from your Hotmail account, but in fact it came from somewhere else entirely. A quick look at the details of the mail header usually confirms this.

I've discussed this at length in an earlier article "Someone's sending from my email address! How do I stop them?!".

The bottom line is that there's actually little to be done other than, as you have already, make sure that your machines are protected and scanned regularly for spyware and viruses making sure that the scanners are up to date, using a firewall, and using common sense with a liberal dose of skepticism.

Article C2554 - February 13, 2006

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Ask Leo! - Someone's sending from my email address! How do I stop them?!
Ask Leo! - How do I keep my computer safe on the internet?

Recent Comments

23 Comments

I'm having trouble reading my emails. I pick unread emails but it still doesn't let me read what the email says. Help me.

Posted by: linda kincaid at March 2, 2011 11:08 AM

Hotmail/Live Mail mainframe computers have been hacked since early April 2011. I reported this significant breach to Microsoft, including the identification of the hacker. Microsoft gave me a new Hotmail email address, much like the old one. Microsoft is working quickly to correct this major problem affecting all Hotmail/Live Mail accounts.

You sure it wasn't just an account that was hacked? Giving you a new Hotmail address is just opening up a new account. I'd have to see a lot more proof before believing that the Hotmail servers have been hacked.

05-May-2011

Posted by: Dana Karl Hall at May 5, 2011 6:11 PM

when i sign into my hotmail ,a page comes up telling me my hotmail account has been cancelled due to perhaps a hacker sending spam in my name.as of now i have no hotmail account and have no idea what to do about itplease help.by the way the spam is still being sent to all my contacts .

That's this article: What are my Lost Hotmail Account and Password Recovery Options?

10-May-2011

Posted by: Helen Butts at May 10, 2011 8:09 PM

I believe the Hotmail server is infected. My account has had the computer equivalent of AIDS for months. I opened a gmail account and no problems with it. I wiped out all my contacts in the Hotmail account and it started juse sending spam to me. When I changed the name in my profile frrom my name to MSN Hotmail virus the spam started comming from MSN Hotmail virus. I will never trust Hotmail again.

Posted by: Was Hotmail at March 19, 2012 7:03 PM

Help! I just got an email that says it's from the "Hotmail Customer Service" saying that they are switching the servers over to new servers & that my email will be deleted if I don't update my info. I was suspicious, so I did a little research. But came up blank. What do you think?? Here is a copy of the email---

Welcome to Hotmail.
Windows MSN Hotmail is faster, safer than ever before and filled with new ways to stay in touch. Due to increased spam and phishing activities globally, a DGTFX trojan virus has been detected in some of our servers. Your email account server will be upgraded with our new secure 1024-bit RSA key anti-virus firewall to prevent damage and spread of the virus. Click your reply tab, fill the columns below and send back to us for confirmation of the upgrade or your email account will be terminated to avoid spread of the virus.

* User Name:............................................

* Password:..............................................

* Confirm Password:.................................

* Country Or Territory: ..............................

Note that your password will be encrypted with 1024-bit RSA keys for your password safety.
YOUR DETAILS WILL NOT BE SHARED.

Find out what else is new or coming soon to Hotmail.
* You are receiving this message from Windows Live because you are a valued member. Microsoft respects your privacy. To learn more, please read our online Privacy Statement. For more information or questions regarding your e-mail account, visit Windows Live Hotmail Help.

Microsoft respects your privacy. Please read our online Privacy Statement.
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA  2012 Microsoft Corporation. All rights reserved.

I tried calling Microsoft on the issue as well, but they don't give Hotmail help over the phone. Any help will be appreciated. Thank you, Angela

The message you've received is a common phishing scam. You should ignore and delete it. You will not lose your account. This article covers the topic in more detail: Is Windows Live Hotmail about to close my account?

09-May-2012

Posted by: Angela J. at May 8, 2012 3:15 PM

See all 23 comments...

Post a comment on "Could the Hotmail Servers be Infected?":

Name: (Required - will be included when your comment is published.)

Email Address: (Required - will not be published.)

Remember Me? YesNo

Comments: (You may use HTML tags for style)

Before commenting, please...

READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored.
Comment only on the article. Use the search box at the top of the page if you have a question about something else.
NO PERSONAL INFORMATION in the comment. No email addresses. No phone numbers. No physical addresses.

Anything that looks the least bit like spam will be deleted. Links to unrelated sites or links that appear to be primarily promotional will be deleted, or the comment will be deleted.
Don't ask me to recover lost passwords or hacked accounts. I can't. Those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2012 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/could_the_hotmail_servers_be_infected.html