Hotmail users getting locked out

Some users of Microsoft's free online e-mail client are getting locked out of their accounts, with at least one person's account being used to make an emergency money request.

Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
Robert Vamosi
3 min read

Imagine getting an e-mail from a friend or family member with the following subject line: "ITS IMPORTANT YOU GET BACK ME TODAY."

CNET is aware of a couple of Hotmail users who have recently gotten locked out of their accounts. In one case, someone who had hacked into an account sent a desperate-sounding e-mail asking for money under the account holder's name.

Microsoft had no direct comment.

The body of one of the e-mails, sent to a CNET reporter, reads:

"I am in a hurry writing this mail. I had a trip to oxfordshire, United Kingdom for an urgent event . Unfortunately for me all my money got stolen at the hotel where i lodged from the attack of some armed robbers and since then i have been without any money i am even owing the hotel here,So i have only access to emails,my mobile phone can't work here so i did not bring it along. Please can you lend me $1500 so i can return back and settle the hotel bills i would return it back to you as soon as i get home, I am so confused right now. You can have it sent through western union."

The owner of the Hotmail account was confirmed to be at home, safe.

"If a customer at any time suspects their account has been accessed by an unauthorized party, they should contact our customer support team, a Microsoft representative said.

That's exactly what a second locked-out Hotmail user did in early May. Microsoft support staff responded with the following message: "Thank you for your message to MSN and Windows Live Privacy. I understand you are having difficulties accessing your MSN Hotmail account because you believe someone has gained unauthorized access to your account. For assistance with this issue, please contact the MSN Support staff using the (following) form." The message is signed by Raktim from MSN and Windows Live Privacy.

After filling out the form, several weeks passed, and the Hotmail account holder said he has still received no further response from Microsoft.

"Microsoft is committed to helping consumers have a safe, secure, and positive online experience," a company representative said Thursday. In the case of the first e-mail, Microsoft worked with the owner to restore her access. In the case of the second, it's still pending. "As always, we reiterate our general guidance to customers to help protect themselves and their accounts by exercising extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update antivirus software," the representative said.

Without addressing what might have occurred regarding the second person's account, Microsoft appears to be blaming the user: if you had used more caution, you probably wouldn't be in this situation.

The Microsoft representative mentioned the company's online security and safety best practices for customers, including specific guidance on how to help protect your Windows Live ID account security. But when it comes to protecting your free Hotmail e-mail account, users appear to be without much recourse.