Feeds

Why Hotmail users get so much spam

Default links to junk emailer easy pickings

  • alert
  • submit to reddit

High performance access to file storage

Hotmail has come under criticism for placing its subscribers' email addresses on a public Internet directory site when they sign up for the service, making them easy prey for spammers.

Customers signing onto Microsoft's free Web based email service are automatically added to Infospace's Internet White Pages directory by default, something that has got under the skin of privacy activists.

Uunless users opt-out by checking a box on Hotmail's registration form, their addresses can rapidly enter spammers' databases, as Infospace's privacy protection methods can be bypassed using a number of methods.

Usually, Infospace does not directly display a person's email address - listings link only to forms which can be used to send emails to recipients. However, according to an Associated Press report, these email addresses can easily be obtained by running a search from an easy-to-find "backdoor" page, among other techniques.

Microsoft's defence from criticism on the issue is also far from convincing.

A feature called "In-box Protector" allows Hotmail users to filter out most, but not all of their spam messages, but this really doesn't go far enough in helping users to deal with junk email.

For one thing Microsoft sees Hotmail users inclusion on the Infospace directory as a "consumer benefit" - an attitude we feel it would surely change if it had to pay for the cost of downloading spam itself.

The software giant also says it's complying with its privacy policy because users can choose whether to be on the Infospace directory or not, but this misses the point. It's easy to overlook the relevant box and users can easily end up with a listing they really don't want.

Everyone would be a lot happier if Microsoft dropped the default registration to Infospace, and only a cynic would suggest that Microsoft's commercial relationship with a directory firm, judged more important than the needs of its Hotmail users, is preventing it doing so. Surely not. ®

Related stories

Hotmail punts user email addresses to advertisers
Hotmail hoax email: spam or we kick you off!
Official: Spam costs E10 billion
Spam filters don't work shock new survey
MS Hotmail caves to Harris over spam blocking
New MSN client swipes your email, spams your friends
Doctors forced to use Hotmail for confidential medical records
Microsoft confirms Web site blackout

External links

Infospace.com

High performance access to file storage

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.