COVID-19 UPDATE: How Data Doctors is preparing & responding. Learn more >

Hotmail users beware! - Security Alert (5/10/2000)


Hotmail Security Alert!!! (5/10/2000)


This question was answered on May 10, 2000. Much of the information contained herein may have changed since posting.

A new security hole in Microsoft's Hotmail web based e-mail service allows hackers to browse your email messages without a password

If a Hotmail user clicks on an attachment that contains a Javascript Trojan horse, an attacker can read, send, and delete messages from that person's account

The attack works when a Hotmail user clicks on an HTML attachment with an embedded Trojan horse The attachment intercepts's cookies -- which include a session key called MSPAUTH --and forwards them to the attacker's computer

With the MSPAUTH key, an intruder can obtain complete access to a Hotmail account, which also could include finding POP email account passwords stored with Hotmail.


Do not open any attachments to an e-mail message unless you know exactly what it is

If you would like a technical explanation of the attack go to:

<a href=""><font color="#003399"></font></a>

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!


Posted by Ken of Data Doctors on May 10, 2000