What to Do if Someone Hacks Your Email Account

How to protect yourself if, or even before, an unauthorized spammer uses one of your email accounts to send out spam:

Reset your email account password right away. If you cannot log in because an unauthorized party reset your password, then try to reset it yourself. If that doesn’t work, call your email company’s tech support.

Change your passwords on all of your accounts, mainly if you have ever used your email password for other accounts. Someone may have access to more than just your email.

Your username, and perhaps passwords (at least your old passwords that you may not use if you’ve changed them), have appeared on the dark web. You can visit haveibeenpwned.com to check if you want to and it is still a good idea to reset all of your passwords.

Be sure not to give real answers to the “security questions” like “where were you born.” It is too easy for someone to find those out. Give answers like “the fourth crater on the moon.” Keep the answers in an encrypted file (I can tell you how if you aren’t sure) or some other secure place.

If you haven’t already, enable two-step verification on your email account. You can enable two-step verification on your LinkedIn account too. For instructions go to LinkedIn dot com/help/linkedin/answer/544/turning-two-step-verification-on-and-off?lang=en

Look at the “sent” folder in your email client to see if there are any messages you do not recognize.

Review your websites, especially LinkedIn to see if an unauthorized person changed anything.

Consider using a password manager, such as LastPass or any other. That will help prevent attackers from finding your password if they have hacked your computer, but it is not a guarantee if they are using a keylogger to record your passwords as you type them in. That’s why the two-step verification is so necessary.

Use your computer’s function for applying critical security patches. Your computer may be set to update automatically, but run a manual check too.

Be sure to check to see if your anti-virus program is up to date and appears to be working. Force a manual scan. Unfortunately, anti-virus cannot detect all viruses. It is important to run, but if antivirus finds nothing and says your system is clean, that isn’t a guarantee that the computer is uninfected. But keep using anti-virus anyway.

If you ever use your phone or a tablet to send or receive email messages from this account, there is a small chance that someone compromised your device.

Apply security patches to your phone and tablet.

It is good to keep your phone and tablet in your possession or locked up where nobody else can access it.

It is unlikely, but possible that you installed an app that is harvesting your address book. Some apps state in their privacy policy that they are going to capture all of your addresses. Unfortunately, until something like this happens, most people agree to the privacy policy without reading it in detail. Modern smartphone operating systems can sometimes warn you if an app is trying to access your address book, but sometimes tools bypass that warning.

If you are concerned that an app or an unauthorized person is stealing your addresses via an app, you may want to reset your phones and tablets back to factory new. When prompted, tell the device to NOT restore from a backup. Set it up as if it is brand new and re-install the apps manually.

It is up to you whether or not you want to send an e-mail to the contacts in your address book telling them that someone is pretending to be you, and not to click on the link.

Please forward this to your friends so that, if someone appears to hack their email account, they will know what to do to.


Leave a Reply

Your email address will not be published. Required fields are marked *