Phishing attacks getting through to Hotmail

19

Over the last few weeks I’ve had several Phishing attempts get through to my Hotmail address. They’re really obvious “your account has been suspended click here to unlock it”, type attempts for Amazon etc. Anyone else seen a spike in these getting through?

Comments (19)

19 responses to “Phishing attacks getting through to Hotmail”

  1. Paul Thurrott

    Yep, I have. I probably get about one a week. I mark them as Phishing and report them, of course. But they're so obvious, it's unclear how they get through.

    • tdemerse

      In reply to paul-thurrott:

      Have you seen an uptick lately? Seems like lots of people have seen an explosion in junk messages getting through. Reminds me of a few years ago when it was later revealed the outlook junk filter had failed.

      • txag

        In reply to EnterpriseT:

        I'm getting deluged with phishing emails on outlook.com; it's been going on 2 or 3 weeks now. Most of them are from a (misspelled) bank.


        The thing is that all I can do is throw them in the trash. They have somehow captured the control that would let me block the address (though I suspect that wouldn't really help).


        These people have figured out how to really attack outlook; I haven't seen anything from Microsoft that suggests they know or care.

        • Winner

          In reply to txag:

          GMail is really excellent at filtering this sort of thing out.

          • Paul Thurrott

            Eh. I see issues on Gmail as well. Neither of these are great, honestly.
            • txag

              In reply to paul-thurrott: I almost never see spam in my Emil account. But then again, Google is a sucker of personal information, so that’s not really an advantage. I’m giving away all my information just by using gmail.


              • bill_russell

                In reply to txag:

                Have you ever experienced any hardships in life by having "personal information sucked" by google? If I type in a search phrase, did they just violate my privacy? I just don't understand these abstract complaints of some sort of harm caused. All I know is I get no spam or phishings in gmail.

              • minke

                In reply to txag:

                I get almost no SPAM or phishing stuff in my Gmail Inbox and it has been my main account since 2006 I think. One advantage of seeing so few non-legit emails is they stick out like a sore thumb when they do come through. However, I can't recall seeing one in months.

      • illuminated

        In reply to EnterpriseT:

        I have not seen anything extraordinary. Generally the email traffic tends to get a bit crazy around holidays since everybody has "deals".

  2. seattlemike

    Yep, I've recently received a huge spate of phishing spam on Hotmail as well.

  3. Lauren Glenn

    I get so much spam through hotmail.com that the answer is probably yes but it's buried under all the other spam emails . My spam filter is overloaded with crap.


    It has gotten to a point where I don't click on any links in any email because they do things like say "your Netflix subscription is on hold" or "a large purchase was made from your iTunes account", etc. Even though Outlook Mail on the PC has that safelink address (which makes it harder to see if the real address shown is the right one in the link), I still don't trust it.

  4. garythornberry

    Yes, I've seen an increase in phishing attempts AND junk mail. Since Hotmail and Outlook are "consumer" products, I wonder if Microsoft cares. There has been a request for better filters on these email accounts for a l-o-n-g time. Things did get better for a little while, but they are bad now.

  5. waethorn

    I stopped getting these ever since I got rid of Microsoft, Apple, and Google email accounts.

    • waethorn

      In reply to Waethorn:

      Like the truth or not, if you want a good email system you gotta pay for it. These free email accounts are a joke compared to any half-decent commercial service. I've used a number of different commercial email systems from even just basic web hosting providers and they all get ZERO spam, even with email addresses that I've advertised and given out on business cards. I just don't get spam or phishing emails. Most of this stuff can be blocked by standard DKIM and DMARC policies, which only takes 2 DNS records. I'm now using ProtonMail, but I've used email from Namecheap, FastComet, Zoho, and a couple others. The last time I even saw a phishing email was with G Suite for business mail, and before that, almost daily with my personal account that I had with Outlook.com (their domain, not a custom one), which I haven't actively used for nearly 5 years now, and which I shut down altogether nearly 3 years ago.

  6. techguy33

    Most of these phishing emails are comically bad and easy to spot, however they are getting more sophisticated to the point that I NEVER click on a link in an email even if I am 95% certain its legit. I just open a new browser and go directly to their site.

  7. minke

    Haven't noticed anything unusual with my outlook.com address, but I still get lots of legitimate emails going straight to Junk. Doesn't matter how much I note they are not Junk, they still end up there. Things like marketing emails from companies I do business with.

    • txag

      In reply to Minke: The only way I have had any luck with this is to mark each one with the "Add to safe senders" mark. Not a guarantee, but it does improve performance.

      All the 'scripts' that let you move and position email seem to fail from time to time.


  8. wright_is

    I've always gotten PayPal attempts, although they've trailed off in the last year or so - funny, because I never had a PayPal account. I had to set one up recently, but I used my spam-adress for registering that.

  9. techguy33

    I get similar Netflix, AppleID mails that are obviously phishing so I dont know why they get through. I always use the "Report this email as Phishing" back to MS so they can improve their AI filtering

  10. ashakantasharma

    I used to getting large number of SPAM emails earlier and got rid of all of them by reporting such emails to many sites which checks and blacklist these emails from origin. The best way to report spam to stop coming in is by reporting to that person’s ISP/Internet provider. In Gmail it’s really easy after opening up the email you click on show original. Once you have done that it will show SPF: there will be an IP Address there IE 192.168.0.0 you can take that IP address and go to whois.arin.net in the search bar put in the IP address of the person who sent you that email. Arin will tell you who the abuse email complaint you sent to is. IE [email protected][email protected][email protected][email protected][email protected] etc Now it will also tell you if you need to visit another IP registry page. Whois Arin is only for America, Ripe.net is for Europe. Latin america has their own so does Africa and Asia. From there you’ll be able to plug in the IP address and it will give you the abuse complaint box to let them know you are getting spam from one of their customers. Now in order to file the complaint you just need to include the email headers nothing else. If you don’t include the email headers then your complaint will be rejected. In Gmail its called show original and you see Delivered-To: and it will be long copy all that compose a new email with the subject of spam coming from your network, to the abuse box of that ISP and paste the email header in the body of the email and send it off. It really helps cut down on spam coming to your email box. I have pretty much gotten mine to almost be none existent.


    Register on spamcop.net where you can report such emails and you will also be provided a user specific email address where you can forward all these emails as attachment and rest assured these emails will be dead for sure.


    Hope this helps....