5 Things To Do If Your Email Account Is Hacked
Cybercriminals usually hacked your email account to access your personal data. We link everything from online banking to federal taxes with our emails, recovery from a hack is extremely time-sensitive. You’ll have to act fast and carefully if you want to minimize the damage to your identity, finances, and protect those around you.
According to Verizon’s 2017 Data Breach Investigations Report, 1 in 131 emails contained malware in 2016, the highest rate in 5 years. In addition, the amount of spam spewing into inboxes globally is at its highest rate since 2015. This is related to malware like Emotet and Trickbot stealing email addresses to feed spam campaigns.
According to the Radicati 2019 Email Statistics Report, the number of worldwide email users is set to reach almost 4.3 billion by 2023. What’s more, the report predicts that users will collectively send and receive 347 billion messages a day, up from an average of 293 billion in 2019. The ubiquitous nature of email combined with its continued growth makes your accounts a tempting target for hackers.
Scammers hack email accounts so they can send phony messages from a trusted email address in hopes of getting the recipients to take action. The ultimate goal could be to get these email contacts to send money, turn over personal information, or click a link that installs malware, spyware, or a virus on the victim’s device.
How To Know Your Email Has Been Hacked
You may get an urgent message from a friend or family member who received a suspicious email from you. They may ask if you sent the email. Or they may simply send these panic-inducing words: “You’ve been hacked.”
But you may be able to spot signs of trouble before you get tipped off by a friend. Here are three indicators that your email account has likely been hacked.
- You can’t log into your email account. When you try to log in, you may get a message that your username or password is incorrect. This could mean the hacker changed your credentials to lock you out of your own account.
- Your sent-messages folder looks odd. Your sent messages folder may hold scammy messages you didn’t write. Or, the folder may be sitting empty when you never deleted your sent messages.
- Strange messages appear on your social media accounts. If your latest Instagram post or tweet is touting some product you’ve never used, a hacker may have gained access to both your email and social media accounts. You email account can act as a gateway into other accounts. The hacker can simply click “forgot password” at login and have a password reset link sent right to your email inbox, which they now control.
Your email also may contain a wealth of information about your bank account, credit cards, and other financial accounts. A hacked email can put you and your email contacts at risk for identity theft and bank account or credit card fraud. If you think your email has been hacked, take quick action to minimize the damage.
If you become the victim of a hacked email account, here’s what you need to do to remedy the situation.
Change Your Password
The first step: Take back control of your account. If the hacker has locked you out, you may have to contact your email service provider for help. You will probably have to provide an array of information to prove your identity and regain control of your email.
If you do still have access to your account, make these changes right away:
- Get new username and password. Choose a strong password. Secure passwords or passphrases should contain at least 12 characters, including numbers, symbols, and a mix of capital and lowercase letters. Use a unique password for every account. Password managers offer an easy and secure way to create complex passwords and to keep track of your login credentials.
- Change your security questions. The hacker may have gotten access to your account by guessing the answers to security questions. They could hack your account again if you don’t change these questions and answers. Avoid choosing questions with answers that can easily be guessed or found online. For example, don’t choose “What’s your mother’s middle name?” if your mom routinely uses her first, middle, and last name on social media.
- Turn on two-step verification. Also known as multifactor authentication, this extra security measure typically requires you to enter your username and password along with a temporary passcode to get into an account. For example, the service provider may send the one-time passcode to your phone each time you try to log in. Without your phone in hand, a hacker will be much less likely to gain entry into an account that has two-step verification turned on.
Notify People You Know
When you’re considering what to do if your email is hacked, keep in mind you’ll have to protect your contact list as well. It is a good idea to tell your friends, family, and anyone else on your email contact list that you’ve been hacked.
During the period when attackers had control of your account, they could have sent dozens or even hundreds of malware-laden emails to everyone you know. This type of phishing attack in turn gives them access to a new set of victims.
You should notify your friend lists on other platforms as well. Email may be just one route the attackers take to bait your contacts. If they breached your social media or messaging apps, fraudulent messages could be sent from each of these.
Look For Signs Of Trouble
Hackers may make changes to allow them to get into your account again or even to continue to scam people after you’ve taken back control of the account. To prevent this, you should take these steps:
- Check your settings. Hackers who gain access to an email account may change settings to further compromise your security. Check your email signature to make sure it doesn’t contain any unfamiliar links. Look to make sure your emails aren’t being auto-forwarded to someone else. And get tips from your email service provider on any other ways you can make your account more secure.
- Scan for trouble. Look for signs of a computer virus on your computer, phone or tablet. These signs may include strange pop-up windows, slowness, problems shutting down or restarting, and unfamiliar applications on your device.
Review Your Computer’s Security
Most hackers collect passwords using malware that has been installed on your computer (or mobile phone if you have a smartphone). No matter which operating system you use, be sure your anti-virus and anti-malware programs are up to date.
Choose the setting that will automatically update your computer when new security fixes are available. If you’re already using an antivirus program, run an end-to-end scan of your computer.