In the past year or so, my Microsoft Network email account (@msn.com; Hotmail with a different suffix - I access it through hotmail.com) has been hacked three times. Each time, I become aware of the problem when my inbox starts filling up with two types of messages:
1. "undeliverable mail, returned", often with an identifier for a person I rarely, if ever, communicate with or to a clearly secondary email address for somebody. Obviously, there's a problem in the email address (it no longer exists, there's a typo, etc.) and the system returns the message to me.
2. "What is going on?" from people I actually do know. If that person has quoted "my" email in full, then I can see what was purportedly sent from my account. Embarrassingly, sometimes these messages are along the lines of "I haven't heard from you in ages! How are you doing? Why haven't you sent anything non-spam to me in so long?"
My sent mail box doesn't contain these outgoing messages. There is apparently some vulnerability in Hotmail that allows a malicious bit of software to read my list of contacts (even if they're not email addresses I've taken the trouble to actually add to "My Contacts") and send out a spam message to that list, all without going through the parts of Hotmail I can actually see.
Hotmail switched from its own long-running unique email program to the online version of Outlook about a year ago, a move I lamented at the time because I knew Outlook's structure is well-known to those people who create such malware. Some large fraction of all viruses I have encountered are built specifically to exploit Outlook, and prior to Hotmail's switch I was effectively immune to all such nastiness. This is one major reason why I have never been particularly exercised about computer viruses - the vast majority of them have no effect on my computer beyond a bit of diverted processor resources when they accumulate, uselessly scanning my computer for their own triggers, based on Outlook or a number of prominent, mostly American, financial websites.
This repeated failure to address a clear security issue in Outlook, combined with Microsoft's terrible, terrible interface issues (the other reason I hate to use Outlook is just how goddam clunky it is - it's like they went out of their way to put tiny little barriers in the way of everything I want to do) and the byzantine weirdness that is the simple (and recommended-to-be-frequent) task of changing one's password (this slows down the hackspam, for a little while) has prompted me to switch my primary email to Google's we're-probably-not-evil system. The move to Gmail was suggested by a family friend on Facebook - thanks Don!
Given the way Google's tentacles extend so far across the internet, this is proving fairly straightforward so far - between Google and Facebook I've already switched over at least 80% of the non-individual email I expect to receive (that is, emails from computers rather than from actual people). The next part, in which I ask people who know me to switch their contacts list to the new address, begins now. This will probably take some time, but eventually I will be able to delete my @msn account and end this stupidity for good.
Wednesday, February 12, 2014
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment