News

Hotmail Announces Email Security Updates

27 Set/10

Microsoft on Monday said that they started to improve the email service Hotmail with security updates to protect legit user accounts from being hijacked. The term hijacker refers to malicious users who manage to get access to email accounts of Hotmail users, either by brute force, phishing or other forms of social engineering.

Like Microsoft, Hotmail users need to understand security concepts to keep their accounts safe. To support their users, Microsoft has created a short list of tips to protect the account. The list includes the following security tips:

  • Create a strong password
  • Use antivirus software
  • Add security information to your account
  • Don’t sign in on a computer you don’t trust
  • Don’t share your password
  • Check the address that appears in the address bar when you sign in

Microsoft has identified a shift in the strategy of hijackers, who in the past used newly created accounts for spamming purposes. Better recognition cut down on the effectiveness of those methods, which is why hijackers have started to target legit email accounts as well.

With today’s release, we are taking a step forward by detecting compromised email accounts, those co-owned by the legitimate user and the hijacker. We detect them with high confidence using heuristics based on login and account activity, and stop the abuse by locking the hijacker out and closing back doors they may have set up, like using vacation auto reply messages to send spam. At the same time, we begin working with the rightful owner to reclaim the account, recognizing the urgency of the issue.

Hotmail is now able to detect accounts that have been hijacked, and makes use of automatic routines to lock the hijacker out of the account, and work with the account owner to restore the account. Up until now, account owners were able to use an alternative email address that they setup or the answer to a security question to restore an account. From today on, two additional proofs are available for account recovery:

“Trusted PC” is a unique new proof that lets you link your Hotmail account with one or more of your personal computers. Then, if you ever need to regain control of your account by resetting your password, you simply need to be using your computer and we will know you are the legitimate owner.

The second new proof option is your cell phone number, where Hotmail will send a secret code via SMS that can be used to reset your password and reclaim your account.

hotmail security

hotmail security

Both new proofs can be configured in the Account overview window. To avoid the changing of those proofs by hijackers, changes to them users now need to access one existing proof to do so. A hijacker therefor would need access to the security answer, secondary email account, mobile phone or trusted PC to change the proofs.

Email providers like Hotmail do good to improve the security of their services, considering that they really missed out on those improvements over the past years.


© Martin for gHacks Technology News, 2010. | Permalink | Add to del.icio.us, digg, facebook, reddit, twitter
Post tags: , , , ,

Continua a leggere – Original Link: Hotmail Announces Email Security Updates

Technorati Tags: , , , , , , , , , ,

Realizzazione Sito Gestionale Immobiliare

Leggi Anche

Condividi
Condividi in DeliciousCondividi in DiggCondividi in RedditCondividi in StumbleCondividi in MixxCondividi in TecnoratiCondividi in Ok Notizie

Commenti

I commenti sono disabilitati per questo articolo.

I commenti sono chiusi.

Autore

Archivio

Iscrizione Newsletter

    Tieniti informato con tutte le novità del mondo informatico con la nostra newsletter
    Email:

    Nome:

    Auto Shop Italia
    Web Burning Blog
    Info Privacy

Meta