Fix Your Hacked Hotmail Account

Hotmail has been merged into Microsoft’s Outlook.com Microsoft Account services. If you have been locked out of your account or have observed suspicious behavior (for example, unfamiliar emails sent from your address or unauthorized purchases associated with your account) then it’s likely your account has been hacked. Go to the Microsoft account recovery page and select the “I think someone else is using my Microsoft account” option to begin the recovery process.[1] Don’t forget to use a strong password when you reset!

Steps

Changing Your Password

  1. Login to your account. If you are still able to access your account, then a quick password change is the easiest way to regain control.
  2. Press the gear icon to access settings. The gear icon appears in the upper right corner next to your account name.
  3. Select “More Mail Settings” from the menu. This is the fourth option below the color swatches and will take you to an options page.
  4. Click “Account Details” to access the language menu. This button is the first option under the “Managing Your Account” header.
  5. Click “Change Password”. This button is under the “Password and security info” header and will open the password form.
  6. Enter your old and new passwords into the text fields and press Save. You will have to enter your new password twice to ensure there are no typos. Passwords have an 8 character minimum and care case sensitive.
    • Optionally you can set Microsoft you force you to change your password every 72 days on your account by selecting the checkbox above the “Save” button. Frequent password changes will help prevent future attacks on your account.
    • Set a Create-a-Secure-Password with a mix of capital and lower-case letters, numbers and symbols.
  7. Login to your account to verify the changes. You should let your contacts know that you have regained control of your account.

Regaining Access to Your Account

  1. Go to the Microsoft Account login page. Microsoft will sometimes temporarily lock accounts it believes to have been used fraudulently. This method will work if you’ve been locked out by this system or if your password has been changed by the person accessing your account.
  2. Click “Forgot my password”. This button is below the username and password text fields and will take you to the password recovery page.
  3. Select “I think someone else is using my Microsoft Account” and click “Next”. This will take you to the account recovery page.
    • Selecting a reason why you think your account has been compromised is optional and does not impact the recovery process.
  4. Enter the email address you suspect has been compromised into the first text field.
    • For example: examplemail@hotmail.com.
  5. Enter the captcha characters into the second text field. Captcha is a random set of characters used to make sure you are not robot or script trying to access the site. The characters appear in an image above the text field.
    • If you are having trouble identifying the captcha characters, press “New” for a new set of characters or “Audio” to have the characters read to you.
  6. Select a method to receive a security code and click “Next”. If you have a backup email or phone number associated with your account, select it from the list and a code will be sent to that address/number. Enter the code onto the page and you will be redirected to reset your password.
    • Some characters of your backup email/number will be censored for security reasons, so you will need to be able to identify the email or number from the first and last few letters/numbers
    • If you don’t have backups associated with your account, choose “I don’t have any of these” and you will redirected to the “Recover your Microsoft Account page”.
  7. Enter an email address on the Recover your Microsoft Account page and click “Next”. The email should be one to which you still have access. A window will appear prompting for a security code sent to that email.
    • If you do not have another email, you can create a new Outlook.com account by selecting the text field and clicking “Create new account”.
    • Enter the security code sent to your alternate email and click “Verify”. You will be redirected to a questionnaire form prompting you for information such as name, birthday, passwords used, recent email subjects or contacts, email folders created, or billing information, in order to help verify that the account in question is yours.
  8. Complete the form with as much accurate information as possible and click “Submit”. Once the form is submitted, wait up to 24 hours for a response. If the information provided was sufficient you will be provided with a link to reset your account password. If not, you will receive an email informing you the information was not sufficient to recover your account.[2]
    • You will receive an error if you have not filled the form with enough information before submitting. The minimum amount will vary based on the amount of information associated with the account.
  9. Reset your password. If you received a password reset link, you will be taken to a page to create a new password for your account. You will have to enter your new password twice to ensure there are no typos.
    • Passwords have an 8 character minimum and care case sensitive.
    • Set a Create-a-Secure-Password with a mix of capital and lower-case letters, numbers and symbols.

Resetting Your Account’s Language

  1. Login to your recovered account and press the gear icon to access settings. If you recover your account and find it changed to a foreign language you can reset it from the settings menu. The gear icon appears in the upper right corner next to your account name.
  2. Select “More Mail Settings” from the menu. This is the fourth option below the color swatches and will take you to an options page.
  3. Click “Language” to access the language menu. This button is the second option under the “Customizing Outlook” header on the right.
  4. Select your desired language from the list and click “Save”. All language listings will display in their native alphabets.

Recovering Deleted Messages

  1. Login to your recovered account and click “Deleted”. If you think some of your mail has been deleted when your account was compromised, it may be recoverable. The “Deleted” button is one of your mail folders that appears in the sidebar on the left.
  2. Scroll down to the bottom of the page and click "Recover Deleted Messages." Successfully recovered will be placed into the “Deleted” folder.
    • There is not a specified time range in which deleted emails can be recovered. Any emails that could not be recovered are lost forever.[3]
  3. Right-click emails you want to save and select “Move > Inbox”. Messages that remain in the Deleted folder will get deleted and removed periodically. Moving the messages you want saved out of the Deleted folder will make sure that the emails are not lost again.

Tips

  • Let your friends and family know that your account has been compromised so that they can avoid communications from the account.
  • Remember that even though you recovered you account, the hacker may have saved your contacts or data. Focus on securing your account for the future and be mindful of the data that passes through it.
  • Make sure you keep your Windows up to date to ensure you have the latest security enhancements for your OS. On Windows 10, automatic updates are always on, but you can manually check for them by going to “Settings > Update and Security > Check for Updates”.
  • Download an antivirus program that includes automatic updates. It is possible that your email account was compromised by malicious software on your computer. An antivirus program can help to detect and eliminate malware and help prevent future infections.
  • Be vigilant about your web use! Avoid downloading files from unverified sources and use extreme caution responding to emails that ask your for personal information.

Warnings

  • Be careful when accessing your e-mail on a public computer. Be sure that you don't check boxes that say "Remember this computer," and make sure that you close all browser windows when you finish your session.
  • Never reply to an e-mail that asks for your Hotmail address and password.

Related Articles

Sources and Citations