I’ve had a few family and friends now who have apparently had their hotmail email accounts hacked for the purpose of sending spam to all the people in their contacts (including me!)

The spam (who’s grammar should make it obviously not from the original sender) takes the form of

hi, how are you? recently, I got a nice site: www.nottheoriginalsite.com I brought some items from them. Wow, it is very nice. low price and good quality (iphone new model 3GS 16 GB only 385 euro) they also sell Wii, DJ, TV, laptop,camera and so on. how do you think? login and have a look at it! yours truly,

As best I can tell, they’ve done this either via guessing passwords or maybe via some kind of phishing attack. One reason for this belief is that for one incident I saw, the spam was saved in the sender’s “Sent Items” folder, just like other regular email that they had sent.

If you have a hotmail account, I’d strongly recommend you ensure your password is long enough to be extremely difficult to guess. A passphrase instead of just a password is probably the best way to do this.