Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 126 - March 2012 (1st Edition) - Page 13

Hotmail Account Closure Phishing Scam

Issue 126 Start Menu

Previous Article            Next Article

Email purporting to be from Hotmail Customer Care claims that the recipient must confirm his or her Hotmail account by replying with account login details within within a specified time frame or risk having the account closed down.

Brief Analysis
The email is not from Hotmail or Windows Live. In fact, it is a phishing scam designed to steal webmail login details.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 17th February 2012
First published: 3rd December 2009
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


(Submitted, February 2012)
Subject: Disruptive Virus Alert

Windows Live Hotmail Essentials

Dear Account User,

Special notification email messaging from Windows Microsoft™

This Email is from Msn-Live-Hotmail Customer Care™ and we are sending it to all Msn-Live-Hotmail Accounts Owner for safety. We are having congestion due to the anonymous registration of Msn-Live-Hotmail accounts so we are shutting down some Msn-Live-Hotmail accounts and your account is among those to be deactivated. We are sending this email to you so that you can verify and let us know if this account is still valid? If it is, The following information is needed to verify your account: Your User name, password, date of birth your country information.

Click on the reply button and fill in your information:

User Name:....................................
Date of Birth :...............................
Country or Territory........................

Warning!!! Account owner that fails to verify his/her account after two weeks of receiving this warning will lose his or her account permanently.

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconvenience.

Warning!!! Account owner that refuses to update his/her account after 24 Hours of receiving this warning will lose his or her account permanently

(Submitted, December 2009)
Subject: Windows Live Hotmail Alert!!!


Dear Account Owner

This Email is from Hotmail Customer Care and we are sending it to every Hotmail Email User Accounts Owner for safety. we are having congestions due to the anonymous registration of Hotmail accounts so we are shutting down some Hotmail accounts and your account was among those to be deleted. We are sending this email to you so that you can verify and let us know if you still want to use this account. If you are still interested please confirm your account by filling the space below.Your User name, password, date of birth and your country information would be needed to verify your account.

Confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be suspended within 48 hours for security reasons.

* Username: ................................
* Password: ................................
* Date of Birth: ............................
* Country Or Territory: .................

The Windows Live Hotmail Team.

Detailed Analysis
This email, which purports to be from Windows Live claims that the recipient must reply within 24 or 48 hours or his or her Hotmail account may be shut down. According to the message Hotmail is "having congestions" due to anonymous registrations and the service needs to delete some accounts to overcome this problem. In order to avoid this imminent account closure, the recipient is instructed to reply to the email and supply his or her Hotmail username and password, along with other details.

However, the email is not from Hotmail or Windows Live. Instead it is a phishing scam designed to steal Hotmail account login details. Those who supply these details as requested will not be verifying their account as they expect. Instead they will be handing over access to their Hotmail or Windows Live accounts to unscrupulous cyber-criminals who will then use it for their own nefarious purposes.

One of the main aims of scammers in hijacking accounts in this way is to gain access to the compromised account's contact list. Once in the hijacked account, the scammers can then send further scam emails to those on the account's contact list that pretend to be from the real account holder. For example, they can send emails in the account holder's name that falsely claim that he or she has become stranded in a foreign country due to a robbery or baggage handling mishap. These emails ask the recipient to send money to help their hapless friend get home. Because the messages are being sent from the hacking victim's own webmail address and are likely to include his or her real name and email signature, at least a few recipients are likely to believe the claims in the email and send money as requested. Of course, the friend is not really stranded overseas and any money sent will be pocketed by scammers. At this early stage of the scam, the real owner of the compromised account may not even be aware that his or her account has been hijacked.

Scammers have used almost identical tactics to target users of other email services including Yahoo. Another, more generic, version of the scam targets users of any webmail service. Other variants take a slightly different approach by claiming that users must submit login details due to a recent system upgrade or because of a technical problem such as an exceeded account storage limit. No legitimate webmail provider is ever likely to request that users send their login details or private information via an email. Any message that makes such a request should be treated with suspicion.

Bookmark and Share References
Friend Stranded in Foreign Country Scam Emails
Yahoo Account Phishing Scam Email
Webmail Account Phishing Scam
Email Exceeded Storage Limit Phishing Scam

Previous Article            Next Article

Issue 126 Start Menu

Pages in this issue:
  1. Strawberry Quick Methamphetamine Warning
  2. Hoax Warning: Lost Child Lure - 'New Way for Gang Members to Rape Women'
  3. Hoax - Right To Be Connected to an Australian Phone Rep
  4. Hoax - Eating Shrimp and Taking Vitamin C Can Cause Death by Arsenic Poisoning
  5. Ashley Flores Missing Child Hoax
  6. Hoax - Facebook Will Pay One Dollar Per Like to Help Baby With a Face Cancer
  7. AICPA 'Tax Fraud Accusations' Malware Emails
  8. RIAA Notification of Copyright Violation Malware Email
  9. Giant Snake in Electric Fence Photographs
  10. Cruise Control Hydroplane Warning
  11. Facebook Gold Status Membership Advance Fee Scam
  12. Ectopia Cordis Sick Baby Facebook Hoax
  13. Hotmail Account Closure Phishing Scam
  14. 'Thomas Romany's Stuff' Warning Message
  15. Mark Zuckerberg and Apple Partnership Survey Scam