Unusual sign in activity

Bit of a shocker this morning, as woke up to a text that said it was from microsoft saying there had been unusual sign in activity on my hotmail account. Of course I didn’t click on the link in the text. I immediately went to my outlook page and went into the security page and looked up the last sign ins. And it absolutely amazed me what I found. Below is a screenshot that seems to show various sign in attempts from many countries. Now changed my password to something far more complex, but just wondered if this was normal, as it looked like many attempts to try and get into my mail account - a bit alarming!

image2059×1586 315 KB

It’s one of the reasons why I won’t use hotmail.

There seems to have been some sort of mass hack attempt with Hotmail if my entirely non scientific evidence is anything to go by. I have at least 3 friends who have had password crack attempts overnight, all of them thankfully old unused, almost forgotten about accounts not current ones (although of course sometimes the old ones are the better ones for hackers as you forget what you’ve actually got them linked up to), but yeah, there’s definitely something going on. It will be interesting to see whether the tech press picks up on it and can elaborate on what or who is behind it.

I imagine the wider-scale the assault, the bigger the prospect of something being broken and letting in the hackers. Googling it suggests it’s a continuing problem.

As @kirsteastevenson suggests, not many people use Hotmail any more. I’m not aware of any particular weaknesses in it but the fact that it’s a relatively old technology might mean that the passwords people use for it are less secure (ie shorter) than what we use nowadays, and so easier to crack.

Changing your password to something substantially longer, with numbers and non-letter characters (assuming that’s what you’ve done) was a good idea!

Yes changed password to long alphanumeric with special characters so think it would be very difficult to crack. I would imagine microsoft security is as good if not better than most other mail accounts, but maybe it’s just down to it being one of the popular common accounts. Who knows, but at least it’s possible to see visibly what’s going on and be prewarned to take the necessary action. Couldn’t imagine what it’s like to have an account hacked

You could use Microsoft Authenticator. I do for my email, Paypal etc. Works on my phone and tablet.

I’ll give that a try - thanks alot for the reco - appreciated!

I suspect most email services will suffer from this - it is not Hotmail’s fault that people are trying to hack email accounts.

Even my completely private IMAP server has seen 82 attempted (failed) logins in the past 5 weeks - an average of over two per day although for some reason it was much higher at the beginning of October - up to 5-6 per day for a few days.

Also most of the attempts seem to include correct domain names so it is more sophisticated than scanning for machines with open ports, someone has taken the trouple to figure out which IP address hosts my email and specifically attacks it. Some attacks even try to use legitimate email accounts for me or my wife suggesting that they are using spammer’s lists of email addresses to harvest mail accounts, then attacking the servers which run those accounts, even if they are low volume private machines.

Can you imagine how many email addresses in the spammer’s lists end in @gmail.com?

This is unlikely to be personal - just hackers chancing that someone has an email server with an open account called “admin”, password “admin” or throwing common passwords against real accounts on Hotmail/gmail/Yahoo/etc. servers.

My SMTP server sees similar but higher volume traffic looking for open relays.

This is even running fail2ban (though to be fair I could do with tightening the setup) which blocks IP addresses which have too many failures.

Authenticator set up and works wonderfully! So hopefully now as bulletproof as is practical to make oneself without going down a rabbit hole of complexity I’m going to be very interested to see how many log in attempts continue to be logged, as haven’t ever seen so many as today’s experience

This is why a complex password with 2FA is the way to go.

I don’t use Microsoft’s app so not sure if this is possible but if it is then I recommend backing up your details whenever you add a new account.

When I first used 2FA I used Google’s app on a phone which I then broke. When I got my new replacement phone it was a ball ache having to set it all up again.

It’s the reason I now use an app called Authenticator Plus, because it allows you to export and import all your accounts.

So last night at 3am local time someone in India charged 1291 rupees to an uber account “using” my Wise account and it was let through. They then tried to get money another 4 times each being denied. I noticed this morning and froze my account, and an hour or so later there were another 4 attempts to get larger amounts of money.

I have put a claim in to Wise for a refund.

But how did they extract money without authentification? And has changing password done enough to make it safe to unfreeze my account ? I think I might wait a long time for a response from Wise.

Very disturbing. I hope you get some answers from Wise. I would be keeping my account frozen until I had the answers.

According to xe.com, that’s about 15 €. Could it be there’s less checking of small amounts? I hope not.

Like you, I used Google Authenticator. I’m now using Eufy. I guess they’re all similar. I was pleased that Eufy moved “automatically” onto my new iPhone and works without problems.

Having just taken a look at the recent sign in activity again, only 3 attempts from the US yesterday, so substantially reduced versus the initial deluge of attempts from the great many locations. It seems like this is now the norm. Now need to see if there’s a similar way to see sign in activity with my gmail and apple accounts, as would be interesting to see the comparison.

It’s possible to buy account details (not legally, of course). I’ve seen spreadsheets showing account numbers, passwords and other such details. Of course, the more information the malefactor has, the more valuable the resouce.

I imagine suddenly someone has acquired your account number etc. and sold the details on.

Usually, your normal watchfulness will prevent problems even if this has happened, but let’s hope Wise provide some answers.

Wise have now cancelled my card and dumped the problem on visa.

I had a similar thing happen to me awhile ago with my Hotmail account. I don’t think Hotmail is as secure as other email providers. I now use Gmail. So far it hasn’t happened again.

I don’t think I’d be so sure. I’ve just tried to find out how many ‘failed sign in attempts’ have been made on my gmail account and they don’t make this transparent like hotmail, which doesn’t build too much confidence.

I’ve just tried to look up which one out of the two is regarded as more secure and the general thought seems to be that they have the same level of security and that it’s down to personal preference. I think Gmail is better at stopping spam though. When I had Hotmail (a long time ago) I had lots of spam plus so far I’ve not experienced the same attempts to hack my account. Touch wood. If you’re happy with Hotmail then hopefully changing your password will be enough but I didn’t feel safe using Microsoft anymore. Hope it doesn’t happen again to you.