Free Email Accounts get Hacked all the Time

Free email accounts often get hacked. Then, as you are not paying for support, you tend not to get very much.

If a hacker gets into your free mail account they can do some pretty nasty fraudulent email stuff like asking all of your contacts for money because you have had a nasty accident, sending spam or trying to get bank account details from people by saying you owe them some money.

Avoidance

Some suggestions:

  • use a strong password that is not a dictionary word (or even based on one with number-for-letter replacements like 0 for o), that contains at least one each of capital letter, lowercase letter, number and punctuation, and that is at least 8 characters long, with 15 being good. Using a phrase to create the password can work well (e.g. first letter of each word). more advice about strong passwords.
  • log in to your free email account only from trusted computers
  • set the secret questions and other account/password recovery (if you have forgotten your password) answers to things that are effectively passwords. E.g. "what is your favourite colour?" with the answer of Hj39dk..39 is pretty hard to crack
  • use paid for email for things that matter and free accounts for things like shopping and throwaway online registration
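
The password rules in the first suggestion can be checked mechanically. The following is an added example, not part of the original page: the word list is a small constructed sample, the replacement table is an assumed set of common substitutions, and keeping punctuation in `from_phrase` is an assumption made so that phrase-based passwords can meet the punctuation rule.

```python
import string

MIN_LENGTH = 8  # the page's minimum; it calls 15 "good"

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "monkey", "dragon", "football", "letmein", "cambridge"}

# Assumed set of common number/symbol-for-letter replacements, mapped back to letters.
UNLEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                        "7": "t", "@": "a", "$": "s", "!": "i"})

def candidates(password):
    """Forms of the password with replacements undone, with and without
    digits/punctuation padded onto either end."""
    low = password.lower()
    trimmed = low.strip(string.digits + string.punctuation)
    return {low.translate(UNLEET), trimmed.translate(UNLEET)}

def check_password(password, words=SAMPLE_WORDS):
    """Return a list of problems; an empty list means the rules above are met."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    classes = {
        "capital letter": string.ascii_uppercase,
        "lowercase letter": string.ascii_lowercase,
        "number": string.digits,
        "punctuation": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append("no " + name)
    if candidates(password) & set(words):
        problems.append("based on a dictionary word")
    return problems

def from_phrase(phrase):
    """First character of each word, keeping punctuation that trails a word."""
    out = []
    for word in phrase.split():
        tail = word[1:]
        trailing = tail[len(tail.rstrip(string.punctuation)):]
        out.append(word[0] + trailing)
    return "".join(out)
```

A password such as `P@ssw0rd1!` passes the length and character-class rules but is still reported as based on a dictionary word, which is the case the first suggestion warns about.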

Methods to try and get back into your hacked email account

  • try your password, probably it has been reset
  • go for the "forgotten password" or "password reset" processes that are available, e.g. sending a new password to an alternate email address, although probably the hacker has changed this
  • try all other "forgotten password" methods such as answering secret question(s)
  • find the formal process for dealing with hacked accounts with your service provider - example below for Hotmail.

Mitigating the Damage - Warning People

Mail all of your contacts (hopefully you have these somewhere else, too) that your mail account has been hacked and that people should ignore mail from the address@domain.thing

Report your own email account for sending spam/fraudulent email.

What to do if you get your account back

If your account has been hacked and you managed to get back into it, then you need to tidy up very quickly (the hacker may also be logged in):

  • change the password ASAP
  • change the alternate email address ASAP
  • change the secret question and answer to something strong - i.e. a password
  • cancel all other login sessions if possible (Gmail allows this with the "details" link at the bottom of the Gmail page)
  • check email forwarding and remove forwarding to email accounts you do not know
  • check POP and IMAP settings in case those are enabled and they should not be
  • check email filters for anything you did not set up
  • make a 2nd login to your email account using the new password to check it is still what you set it to
  • send a test email to your email account to make sure it is working
  • send a test email to another email account from the one that was/is hacked
  • breathe and think
  • mitigate the damage by sending an email (bcc) to all of your contacts saying what happened - possibly with some personal information in it to prove it is you
  • check you can log in with the new password, once more
  • purchase a proper email account and use that

Hotmail - Account Recovery / Reporting a Hacked Account

This is not easy to find, nor to do, but once you get the report in you typically get what is left of your account back in a few days.

Information, below, from a forum.

"I managed to get my hotmail account back.
Go to the hotmail front page and select Help Central at the bottom right corner of the screen 
(it's on several windows live pages so you should be able to find it elsewhere pretty easily). 
On the page that loads select the 'search for' text box and type in Account Hacked and press 
enter. There will be two help topics come up, select What do I do if I think someone is using 
my Windows Live ID?
When the right hand pane has loaded select the link which says Report to Microsoft (it's 
right near the top).
This will load a new page with a form you will need to complete.

Where it asks what type of problem you have select 'sign in and password' then in the next 
drop down box select 'I think someone hijacked or hacked my logon credentials'.
I sent them a report late on the evening of the 7th, I received a reply on the morning of the 
10th (Saturday) and had my email account back before noon. You will need to be able to provide 
as much information as possible including names of any sub folders, email addresses of people 
in your contact list, subjects of recent emails, just as much as possible, I included what my 
previous password had been and even the subjects of stuff that would be in the Junk folder!

I could not find any phone number to contact for this and as I understand it there isn't one 
for regular hotmail accounts.

When you get your account back, as well as changing the password/answer to secret question 
make sure you check all the profile information, whoever hacked my account had set up an 
alternate email address so any password reminders were being sent straight to him and 
location where I lived had been changed.

Good luck!!"