Helping people with computers... one answer at a time.
Once your Windows Live Hotmail account, or contact list, has been hacked or compromised, there are several steps to clean up after you get it back.
My husband's Hotmail contact list has been hacked and a phishing paragraph was sent to them. Now it appears whenever he tries to forward an email. How do we get rid of it?
It's unusual that only the contacts would have been hacked into, and it's more likely your entire Windows Live Hotmail account has been compromised.
Frankly, I'm surprised you still have access.
But, given that you do, there are several steps you should take immediately, to recover from the damage that's been caused. One of those steps should take care of the phishing paragraph that's showing up.
I'm going to assume you're using Windows Live Hotmail's web-based interface. In fact, many of the steps we'll take will need to be taken there.
The very first thing you should do is very simple: Change Your Password. This is so important, I'd go so far as to say do it now; before even reading the rest of this article. It's the first step to slowing down (though perhaps not preventing) the hacker from continuing to access your compromised account.
There are now several things you must change to regain total control of your account.
Start by clicking on the Options item in the far right of the Windows Live Hotmail display:
In the drop down menu that appears, click on More options.
On the resulting "Manage Your Account" page, click on View and edit your personal information. That will take you to a page much like this:
The short version is that while your hacker had access to your account, they had access to everything here. If they didn't change it, they likely could have seen important information that you might care about.
For everything that makes sense, change it.
Change your password: as I mentioned above, to prevent the hacker from accessing your account.
Change your security question: to prevent the hacker from having changed it and using it for a password reset after you change your password.
Change your alternate e-mail address: to prevent the hacker from requesting a password reset to an account that he may have changed this to.
Change your mobile PIN, or remove your mobile number completely.
In billing options, consider removing or changing the payment method listed, and be sure to keep an eye on that credit card's statements in the future.
Also review the Additional options at the bottom of this page, making sure that the hacker didn't change permissions, marketing preferences, or anything else relating to your account.
That's the high priority stuff, but there are still plenty of things that need to be looked at.
Return to the "Manage Your Account" page. You'll want to double check almost every option listed on this page, as the hacker may have altered it while he had control of your account.
In particular, I'm guessing that you want to take a look at the "Personal e-mail signature" settings.
As the text of the feature states, the text in your signature is "added to the bottom of each e-mail message you send". I'm guessing that your hacker added his own personal message here, and that it's being automatically added to every message you send. Remove it.
In reality, if your hacker has been thorough there's a lot of damage they can do, and it can be a lot of work to re-construct your account. Remember that your Hotmail account is really your account for all Windows Live services, including Messenger, Spaces, Groups and who knows what else. While they had access to your account, they had access to all of that. And that means that they had access to any and all options relating to those other services in addition to Windows Live Hotmail.
It simply goes to underscore the importance of keeping your account safe, choosing a strong password, keeping it secure, and in general keeping your computer safe on the internet.
Prevention is so much easier than trying to clean up the mess after a problem.