go change your password right now.

If all you gave them was your password then all they can do is get in and see your emails so change it before they do.

My concern is whether that message is from hackers or a legit message from MS.

where it wasn't immediate. Hotmail should have an 800 number you can call and they will walk you through the steps to make sure it gets changed - if you call them it should be legit.

here's a legit url: https://account.live.com/resetpassword.aspx

that's the link you get when you go to hotmail's "I think someone hacked my account" link.

to something totally and completely new. Make sure you're navigating to that from within Microsoft/Hotmail menus.

It is doubtful anyone's done anything to your account to compromise it this quickly. But, if you're unable to enter your normal password and get into your account then you immediately need to go to the support section about believing your account to be compromised, because now it will have to be solved from Microsoft's side of things.

I'm tired as hell and sincerely hope that made sense. Just don't waste any more time!

saying that a reset will take up to 24 hours. Does that sounds legitimate? And ss I can't get in I can't access the support section.

your name, BD and CC info password, etc, means you could be wiped out asap.

Did you send your BD and CC info??? Your SSN??

hackers would only have my name but I did enter my hotmail password
so they would see my Mastercard bill. My hotmail has some very personal emails which I don't want anyone to see.

Maybe getting another email service. I use a small internet service provider - they know me by name and have amazing anti-spam filters.

The pages look legit but the Hotmail info page doesn't say anything about resets taking up to 24 hours.

account on Gmail, Yahoo, or whatever. Then send out a broadcast email to your various business contacts telling them that your previous address has been compromised, this is now your new address, and please use the new one from now on.

Then sort out the old address.

Get a domain name and use that for e-mail. Yes, it costs money - like $13/year - but the actual security is worth it. I've got 92 domains right now, all paid through a year from now or longer. Hotmail and gmail are notorious for being hacked.

to everyone in your e-mail list, using a subject line you gave them, and possibly containing viruses and/or spam and/or phishing.

Just do it right away.

That's not hacking, it's phishing but not too different.

Change your password.

http://www.democraticunderground.com/10021864946

Kill the Password: Why a String of Characters Can’t Protect Us Anymore

By Mat Honan
Wired
Nov 15, 2012

-snip-

Since that awful day, I’ve devoted myself to researching the world of online security. And what I have found is utterly terrifying. Our digital lives are simply too easy to crack. Imagine that I want to get into your email. Let’s say you’re on AOL. All I need to do is go to the website and supply your name plus maybe the city you were born in, info that’s easy to find in the age of Google. With that, AOL gives me a password reset, and I can log in as you.

First thing I do? Search for the word “bank” to figure out where you do your online banking. I go there and click on the Forgot Password? link. I get the password reset and log in to your account, which I control. Now I own your checking account as well as your email.

This summer I learned how to get into, well, everything. With two minutes and $4 to spend at a sketchy foreign website, I could report back with your credit card, phone, and Social Security numbers and your home address. Allow me five minutes more and I could be inside your accounts for, say, Amazon, Best Buy, Hulu, Microsoft, and Netflix. With yet 10 more, I could take over your AT&T, Comcast, and Verizon. Give me 20—total—and I own your PayPal. Some of those security holes are plugged now. But not all, and new ones are discovered every day.

The common weakness in these hacks is the password. It’s an artifact from a time when our computers were not hyper-connected. Today, nothing you do, no precaution you take, no long or random string of characters can stop a truly dedicated and devious individual from cracking your account. The age of the password has come to an end; we just haven’t realized it yet.

More: http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/all/

the person trying to get in access.

To get access back I had to provide acct info like the last subject lines of emails sent, file names and BD. Maybe AOL is different but hotmail had me through hoops because I couldn't remember subject lines of emails i had sent and providing file names wasn't enough so my first request was denied. Luckily i got back in when i was able to tell them what incoming emails I had recently recd. WHEWWWW. I am so relieved that I have never done anything financial online, not even online banking.

Snagglepuss is in a dilemma and is clearly stressed. While maybe in another situation, this may have been a funny response, imho here it was not.

mea culpa