Being well-versed in e-security and protecting my digital identity, I never do things like post my personal details in public places. So, you’d think I’d be one of those people who has a different password for every internet account too, or at least someone who changes their password regularly.
This time last week, someone somehow managed to hack into my Hotmail account. This is worrying on two levels - firstly, how did they get hold of my password? Secondly, have they managed to access anything that was linked with that account? It just so happens that most of my digital footprint is linked to that email account - banking, social media, online shopping... the lot.
But really, I’m most concerned about them getting my password, because I use it for everything else. Surely an opportunistic hacker would look at the emails in my inbox and try that same password with all the accounts he came across? I’m sincerely hoping he just ‘hacked’ in, without ever knowing the password.
Anyway - it’s a total pain in the bum. My email account is gone, and my entire contacts list (of 350-odd people, many of whom I haven’t contacted in years) received an email, ostensibly from me, saying I have been mugged and am stranded in a foreign country, and if they could loan me money to get home I’d be ever so grateful.
Fortunately, most of the friends that I know well enough to turn to in a jam know me well enough to be certain that it wasn’t my typing. I had a deluge of messages on Facebook saying ‘I knew it wasn’t you… the spelling and grammar was terrible!’
Having said that, a few still cared enough to worry that it might be genuine. One messaged me on Facebook saying he had transferred me £1000, and would I be so kind as to transfer it back via a Nigerian offshore bank account?
Ok, so no-one actually parted with cash, but some did still think it could be real.
But for all the security issues, I think the worst thing about the whole affair is the sense of violation that someone has managed to get into my personal email account, with sentimental and embarrassing rubbish going back to 2003.
So anyway, Hotmail was very good about giving me the account back pretty quickly once I found out what was going on and provided the help team with some information about my account that only I should know.
They gave me a link to change my password, which I duly did (along with any other instance of the compromised password I could think of on other web accounts) - I went in, checked my email, tidied things up after the hacker, and pruned back my contacts list, stripping out the dud addresses and people I haven’t spoken to in ages, leaving 50-something. Much better.
Imagine my surprise later when I went to log in again and found that I was being denied access once more. Then a slow dawning of understanding: ‘Oh, sh... ugar.’
Being an absolute moron, I forgot to change the secret question and security information, so the hacker has gone right back in and changed the password.
I’m now waiting for Hotmail to get back to me so I can change my password again. A cautionary tale for you all - when you’re changing your password, don’t forget the security questions too!!
And try not to use exactly the same password for everything. I had a lucky escape this time, as none of my other accounts seem to have been hacked - you never think it will happen to you, but it might!
On a final serious note, Hotmail gives you the option to link all your email accounts, for convenience’s sake. Don’t. If I had linked my other email accounts, all the eggs would have been in one basket and would have all smashed together. As it is, I had a back-up account.
About the author
Azaria Frost came to BCS in mid-2009, joining the Institute as a web editor right in the middle of the exciting transformation period. She originally trained in English and creative writing at university, and is a self-confessed gadgetophile and grammar guru.