David Baxter PhD
Late Founder
Hotmail adds "my friend's been hacked" reporting feature
By Ryan Naraine, ZDNet
July 14, 2011
Faced with the sobering reality that about 30 percent of all Hotmail spam comes from compromised e-mail accounts, Microsoft has added a nifty “My friend’s been hacked!” reporting feature.
The crowd-sourcing feature, which can be found in the “Mark as” menu, lets users report compromised accounts directly to Hotmail.
“When you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked. It turns out that the report that comes from you can be one of the strongest “signals” to the detection engine, since you may be the first to notice the compromise,” according to Microsoft’s Dick Craddock.
Once an account is marked as compromised, Craddock said two things immediately happen:
We’ve already identified thousands of customers who have had their accounts hacked and helped those customers reclaim their accounts. And we’ve found it to be very effective and fast. Accounts that you report as compromised are typically
returned to the rightful owner within a day.
The company also plans to prevent their customers from using one of several common passwords when creating Hotmail accounts.
By Ryan Naraine, ZDNet
July 14, 2011
Faced with the sobering reality that about 30 percent of all Hotmail spam comes from compromised e-mail accounts, Microsoft has added a nifty “My friend’s been hacked!” reporting feature.
The crowd-sourcing feature, which can be found in the “Mark as” menu, lets users report compromised accounts directly to Hotmail.
“When you report that your friend’s account has been compromised, Hotmail takes that report and combines it with the other information from the compromise detection engine to determine if the account in question has in fact been hijacked. It turns out that the report that comes from you can be one of the strongest “signals” to the detection engine, since you may be the first to notice the compromise,” according to Microsoft’s Dick Craddock.
Once an account is marked as compromised, Craddock said two things immediately happen:
- First and foremost, the account can no longer be used by the spammer.
- When your friend attempts to access their account, they’re put through an account recovery flow that helps them take back control of the account.
We’ve already identified thousands of customers who have had their accounts hacked and helped those customers reclaim their accounts. And we’ve found it to be very effective and fast. Accounts that you report as compromised are typically
returned to the rightful owner within a day.
The company also plans to prevent their customers from using one of several common passwords when creating Hotmail accounts.