Why so much spam with Hotmail + is Hotmail secure?

[juno_first]

For years my Hotmail.com has been receiving about a dozen spam emails every day, fortunately all these go to the junk folder. Although very often genuine emails go to the junk folder too, so I have to constantly check the junk folder as if were the Inbox, just without the notifications.
These very often include pseudo emails from myself I'm unable to block & the usual HMRC stuff. I've blocked hundreds of emails over the years & even found the actual source email & manually input that into the blacklist but all this has no effect.

A couple of times there was a sudden surge in spam, notably after my email/unique password was hacked from the Oneplus phone website, then I started receiving 20 Chinese spam emails every day but that has now stopped.
The second surge in spam traffic was when I took my Samsung phone to a local Samsung repair dealer shop to replace a cracked camera lens cover on a S7e, they said it would cost £20 but they'd have to remove the back panel & to call back after a few days once they received the part + they wanted my email too. A few days past & on my return they were very unhelpful & said they could not source the part or fix it. Then I suddenly started receiving an extra dozen spam emails/day for a few weeks. I then ordered a £5 lens cover from Amazon & fitted it myself in 5 minutes

I recently had my first iPhone & stopped using Google & instead Duckduckgo. Then spam emails dropped from a dozen per day to 3... the lowest in years.
Although, after a few weeks they've started to creep up again. Especially after running the LinkedIn app I started receiving bogus LinkedIn emails, but after uninstalling LinkedIn these emails stopped, this happened before with Android!
The most worrying thing is I emailed a friends iCloud email from my Hotmail on a new iPhone with hardly any apps installed & now he's receiving bogus LinkedIn emails pretending to be from me, even though he's not on my LinkedIn.

As my Hotmail is 20yrs old & linked to many online accounts it would be a huge task to change my email on all these accounts, but if I changed it to eg iCloud or Gmail which have never received spam, would these emails then become dirty?

See the screenshot below which is very typical, even though I have 2 step verification on my Hotmail does the activity below suggest that Hotmail email traffic is being monitored by auto bot hackers who are grabbing genuine email addresses I use & then email those too? Or more worrying have access to the email content I send & receive?
I use complex/unique passwords for most websites & the more important the site the more complex the password.

 

[andshrew]

You might want to edit your screenshot unless you want your e-mail address to be even more exposed.

Personally I think you're trying too hard to link events to an increase or decrease in spam emails. As you've said your account is old, it's been involved in numerous data breaches (search for your address on https://haveibeenpwned.com/) and so it's forever going to be on these known email address lists which spam mailers buy. It's not uncommon to see many attempts to sign in to your account either. The reality is there is not much you can do.

If you move to another email provider like Gmail you might find they're better at blocking spam emails, and it will inevitably receive little in the way of spam initially but over time as you actually use the account you're going to start receiving them again.

If you do want to try to minimise it the best way is to make use of email address aliases and, for example, have an address you'll give out to people and another for things you want to keep more secure and only use on select web sites.

 

[juno_first]

Thanks yeah it’s a very old email address.
Maybe email is a victim of its own success.
Maybe it’s best to setup a comprehensive white list & ignore the junk folder or aliases as you suggest.
Considering the data breaches that have happened & will happen emails will never be between just you & who you want to have it. Making email a bit useless considering the scumbags out there & idiots believing fake emails.

 

[Hotwired]

Every time you've ever filled in your email address and given it away to a company you've risked them bundling up yours with a bunch of others and selling it on. You can never know who's doing it.

My oldest address is regularly sent garbage from all over because I use it for any old sign ups and general use.

The one used for work only and shared never gets nothing.

 

[juno_first]

That’s a good idea. An email for general use and an email for important stuff.
Just how a bogus LinkedIn email pretended to be me & sent to someone’s email who’s never had junk before is scary. Purely because I used the official app on a new iPhone.

 

[stockhausen]

Hotmail was hacked in the last century when Microsoft "enhanced" it!
The then active email accounts were posted in the public domain.
Every (interested) person and his dog must have this address list by now.

 

[juno_first]

An email address is just for Christmas and not for life.
If you want a dog to fetch the mail without chewing it up then use a different dog for every type of letter.
Apart from scumbag senders of course, they deserve a special address straight to Hell.

 

[jpaul]

linkedin was compromised too, as haveibeenpawned will testament, and presumably your 'friends' there, and hotmail addressbook, could have been taken, back then.

From your comments it doesn't sound as though you install arbitrary android apps, but maybe review any you installed;
apple ecosystem/appstore seems to be more secure though.

 

[juno_first]

Yeah LinkedIn always starts up a new wave of junk mails but only for the time the app is installed on Android or iOS.
Thinking of creating an alias for each login then if 1 becomes compromised then I know the site and can set a new clean alias. If that’s how it can work.
There’s just so many login requirements these days, or just get a Nokia 3310