I keep getting spam msgs about an attempted hack into my hotmail.
I checked some MS sites looking for more info and found a way to see all attempts to sign into my account. I am STUNNED at the constant attempts. I have 2FA with Yubikey, so not too worried. But still amazed at the never ending attempts. The screen shot below is ONLY ONE DAY [what does that “Automatic sync” mean? ]
I have a few free email accounts like a Yahoo email, but don’t use them for anything important. My Gmail accounts are more secure.
Otherwise, I own many internet domains, all of which have email accounts. Hardly anyone knows they exist.
One problem with free generic accounts like AOL, Yahoo, Hotmail and others is that the world knows they are out there. Just by changing the username part and try someone elses account. They have millions of chances of getting a valid mailbox name. For example, Joe@hotmail.com, Joe1@hotmail.com, Joe2@…
If you have a personal domain like driojtj.com I don’t see hackers spending much time trying and failing at most names they try. There may only be robertpri@driojtj.com so they could try millions of names and never once get a valid mailbox where with (AOL for example) I would think almost every name is a valid email account.
I compare hacking emails like robbing someone. Would you choose a bank or a kids lemonaid stand? The bank has much more exciting possibilities to get something of value.
If you don’t want your own domain, use a service like Gmail where Google has access restrictions and some anti-hacking stuff built in. Personally I don’t use the Yahoo or Google browser email access, rather I use Thunderbird to access my Gmail, Yahoo and personal domain email accounts. This avoids having to read ads on sites like Yahoo while accessing mail.
It means the perp is trying to duplicate all of your data stored in your Google account to their sham account. That way they would have a duplicate of all the information you keep in that account.
“All my critical sites [mail, money] have 14-16 digit passwords, upper / lower case, symbols, numbers, etc]”
Consider what you said…
It doesn’t matter how intricate you passwords are. You are concerned that someone is attempting to hack in, not that they have guessed your password. It is not much different than Fort Knox being attacked from all sides and people not able to get in. It is the attack that is the problem. As PC Doctor implied, get a new account somewhere else, have the emails forwarded and start moving all email senders to the new account. The hacker can keep going after that old account and you will be able to delete it.
Thinking about it, I’m not surprised. I have used this same email account for 40 years, probably even longer. So, it’s been used on countless sites, so no surprise it’s out there. But my pw is something like GRvyWk$8%u&opkR1.
Hacking possible? Sure, but not likely.
I am disappointed MS has not extended max length of 16 digits and that has not changed in a decade. Going to MS security forum and hundreds [no kidding] have asked why not increase it.
The MS reply is gobbledygook explaining their testing proves 16 is enough.