"...Apparently, he had received a message, seemingly from the Hotmail team, ... He naturally replied to the message in the affirmative and that was enough for the scammers to get hold of his password and hack into his account..."
First of all using Hotmail itself is bad enough. Second, he would have given his DOB, zodiac sign et al in reply to the mail. Hence, he paid the price for the stupidity. Phishing will only get worse.
