In need of some help

[Jaded_Dragons]

First off let me ramble out a disclaimer. I am not in the security or networking profession, I know little to nothing about it, and I make no claim that I know the vaguest thing about it. I stumbled across this site while making a last ditch search on the internet for a solution to my problem. My problem is not of the professional nature, if anything it is of the opposite. I have no idea if I'm even in the right forum to post this, but I'm hoping that someone that reads this can help me somehow. What caused me to stumble across this site was a really really old post asking if someone knew how to get into someone's hotmail account. Now I'll not take a stab at the langue, hack, crack, etc. because I'll use it wrong. The person asking the question was heavily criticized for their intentions in asking the question, which were less than admirable. My problem is this. Somehow, someone with the right program, knowledge, whatever, got into my email and changed the password. I've had this password for a good 6 months, so it wasnt forgotten, and it was a random verb with numbers tacked onto the end, so it is extremely highly improbable that someone guessed it. In cases like these, hotmail gives you the option of answering a secret question. This would easily solve my problem, however my secret question is this: I hate when these fall out of my truck. The thought of someone getting into my email had never crossed my mind (consider me an ignorant newbie), so I hadnt changed my secret question in a good two and a half years. I sold my 92 Chevy S-10 a good two years ago, and the answer has either been changed or has slipped my mind, as time tends to cause things to do. I had no alternate email for them to send my password to, my Gmail account is simply one I recently set up to transfer files from my old computer to my new one. Can anyone out there help me reset my password? I've given up on hotmail's tech support, the only solutions they give me are the two I already explained, and all responses are automated, so I can't even find a person inside hotmail to see if there are any other possible ways to reset my password. Once again, I dont even know if I'm on the right forum, much less the right site, but it seemed a few people knew a lot about the subject. If anyone is willing to help me, I can't tell you how much I would appreciate it. My MSN contact list has about 140 people on it whose emails would be highly difficult to remember, and my hotmail inbox has a lot of emails in it that I've been worrying about losing. Any help at all is appreciated, I just have no idea how else to get around this. Thanks


Kyle M. Gregg

[Soda_Popinsky]

Can anyone out there help me reset my password? I've given up on hotmail's tech support, the only solutions they give me are the two I already explained, and all responses are automated, so I can't even find a person inside hotmail to see if there are any other possible ways to reset my password. Once again, I dont even know if I'm on the right forum, much less the right site, but it seemed a few people knew a lot about the subject. If anyone is willing to help me, I can't tell you how much I would appreciate it.

The only way you're going to get that account back is through the official Hotmail way. If you're asking us to hack your email to get it back for you then you're out of luck.

Perhaps if you are proficient in server side languages and you have hosting on a server with PHP, you can attampt to grab the theif's IP address and file a complaint.
http://www.antionline.com/showthread...hreadid=260660

Here's some advice:
Save yourself the trouble and find workarounds with other email providers, because you've been screwed. It's not worth the fight, Hotmail gets thousands of requests like yours a day, and probably won't care about you in particular.

Sorry...

[Jaded_Dragons]

Unfortunately my problem is that. I only know the day that the person hacked into it, and roughly the time. I know absolutely nothing about IP's, only vaguely the command how to pop up my own. I figured such was the case with hotmail, although I figured it might be worth a shot to see if anyone knew a way. I'd heard rumor of a program that could get you the password to an email, but it seems like just that; a rumor. On the day that the password was changed, I had signed into MSN Messenger on one of Clark State's computers. I don't know if it saved my password or not, but I don't know that it matters if it did, because you have to type the password to change it, and saving it in Messenger wouldn't save it for the needed prompts in Hotmail. *Deep sigh*

[Jaded_Dragons]

Did you say that if the person is using my hotmail I can get their IP to file a complaint?

[nihil]

Basically, you cannot "hack" hotmail, those days have long gone, and attempts to hack would be rapidly detected.

Accounts become "compromised" for a variety of reasons all of which tend to trace back to a lack of security awareness on the part of the user.

One of the first problems is using public computing facilities, they are not revenue generating, so do not merit particular care or attention in the eyes of the provider. They could quite easily contain a keylogger, that would provide sufficient information for identity theft.

The most popular method of stealing account information is "social engineering". This is relatively easy when you are dealing with a "bot" rather than a real person. All you have to do is provide the answer to the "secret question". Most people very foolishly give the true answer............errr how naive can you get YOU MUST GIVE A FALSE ANSWER..............then you are secure.

In general I would say that you are stiffed, end of story.You could try writing to Hotmail, but I doubt if it will get you very far, just let them know that they are responsible for any wrongdoings involving that account, as they have been informed of the situation. You might also inform your local law enforcement agency responsible for cybercrime, and let them know that you have an identity theft problem. That might at least cover your a$$ if someone does something naughty with your account.

Then it is time to review your "lessons learned" and move on.

1. If something is important save it independently.
2. If mail means so much, THEN PAY FOR IT!!!!!!!!!!!!!!!then you have a nice contractual liability, and will get to talk to a real human

One of the things that is "free" with free e-mail is support..................they are all support free

[TheSpecialist]

Basically, you cannot "hack" hotmail, those days have long gone, and attempts to hack would be rapidly detected.

What do you mean by "those days"? What day would that be?

On the day that the password was changed, I had signed into MSN Messenger on one of Clark State's computers. I don't know if it saved my password or not, but I don't know that it matters if it did, because you have to type the password to change it, and saving it in Messenger wouldn't save it for the needed prompts in Hotmail. *Deep sigh*

That would most likely be your problem, like alot of other people... you didn't notice the word public within the phrase public computers. Why anyone would do anything besides browse around on those networks or worse yet... expect privacy is beyond me. Alot of old versions of MSN messenger base64 encodes everything doesn't it? Haha! My god thats comical.

[nihil]

TheSpecialist

What do you mean by "those days"? What day would that be?

I am going back to the start of Hotmail, and in the UK at that............but it was possible to use dictionary and brute force attacks...............if you had the time/money/patience.............I am afraid that I cannot give you precise dates, but I would guess about 8 years ago, probably closer to 10?

Do not mock the aged...............we may forget, but we still have the T-shirt

My point was to attempt to attack the mail provider would be suicidal, these days.

Hope that explains........

[bigb]

This is slightly off the point, but still relevant, so hang with me for a second...


A few years back, back in 'those days,' I used to work as a database programmer for one of the more sucessful (pre-bubble) non-hotmail web email services. This being the case, I had access to all of our account information, ect... ect... One field was for an alternate email. So, Since people have a tendancy to try to keep things simple for themselves, I decided to try an experiment. It turned out that out of 50 people, 42 used the same password for our system that they did for the alternate they provided.

Not surprising, but still... (before anyone freaks, I didn't read anyones email or do anything like stealing/screwing their account.) If this ratio holds true to the entire membership base, there would have been more than 100,000 valid passwords, easy. As a result of my findings, I decided to work out a hash for our password storage.

My point is this. There is no guarantee that any service you sign up for online has any sort of protection for the information you provide. The people who are dealing with the data you provide might not be trustworthy. So don't give anything you might regret later.

This may be obvious to the majority, but it's still worth mentioning here.

[Jaded_Dragons]

Originally posted here by TheSpecialist
What do you mean by "those days"? What day would that be?

That would most likely be your problem, like alot of other people... you didn't notice the word public within the phrase public computers. Why anyone would do anything besides browse around on those networks or worse yet... expect privacy is beyond me. Alot of old versions of MSN messenger base64 encodes everything doesn't it? Haha! My god thats comical.

I mostly use any computer other than my own for simply research or browsing, but the computer I had used at Clark had been brand new with groupwise login names and the latest version of MSN. Obviously to me now, I made a mistake, but never having to have dealt with problems like this before, I didn't know that the one I was making was so obvious. As I claimed, I know absolutely nothing about internet security. Live and learn.

[Tiger Shark]

Bearing in mind the vast number of dollars you paid for the hotmail account why don't you just create another, email your friends with your new address, tell hotmail that since it has been hijacked you take no further responsibility for the account and forget about it.....

Pretty simple really....