Steps To Take When Your Email Is Hacked
Think your email account may have been hacked? Most of us use email so often and from so many machines that it might be hacked one day. But don’t panic. Even if having your privacy invaded is extremely disturbing, it is possible to limit the damage and prevent future hacking attempts. Here are some simple tips to help you regain control of your email account and minimize future risks of compromised data.
What are the signs telling me my email account has been hacked?
Your password no longer works
Very often, changing your password is the first thing that hackers do when they’ve managed to hack your email account. This way, they try to prevent you from logging in.
Replies from contacts you haven’t written to recently
When your password has not been changed, you can still receive your emails as usual. You might then get emails from your relatives telling you they have received spam emails from you, or unusual messages (advertisements, messages expressed in a way that is not like you, or any odd message you’ve never sent to them).
Emails in your sent folder you haven’t sent
Spotting some emails you’ve never sent in your sent messages folder is another good indication your email account has been compromised.
Password reset notifications received in your inbox
Hackers sometimes try to change your account password on some websites to prevent you from using them. In this case, these websites will notify this password modification by sending you a confirmation. If you receive such messages although you’ve never requested these changes, it means you’ve been hacked, most probably with your email account.
Your connections history shows unknown connections
Regularly checking your connections history is always a good idea. Is there a connection with an IP address that’s not yours? Someone else might have compromised your account.
What to do if your email has been hacked
1 – Log into your account
Before you do anything else, evaluate how much damage is done. Log into your email account; if the hacker changed the password, reclaim your account by clicking the “Forgot Password?” link or its equivalent. Once you have access to your account, change your password right away (even if it’s not been modified). Make sure to choose a strong password, avoiding common mistakes.
Then check the security settings to revert any possible changes a hacker may have made:
- a change in the email address;
- a change of the phone number;
- a deactivation or activation of 2FA (two factor authentication)
- a potential email forwarding setting to transfer any email you receive to another email address you don’t have set up yourself.
2 – Assess damage
Change your password on critical websites!
Check your ‘inbox‘ and ‘trash‘ folders for password resetting emails that you didn’t request, as they indicate the attempts a hacker has already made to access your other accounts. Also, think of all the online shopping websites where you might have recorded credit card credentials, such as Amazon, Paypal and Netflix. Check also your phone and Internet access operators, your lodging’s owner and any utility company you might have allowed to make a withdrawal on your banking account. Modify all these accounts’ passwords to prevent hackers from accessing your banking details.
Some hackers target social network accounts to obtain information that will allow them to launch more targeted cyberattacks, such as spear phishing or whaling attacks. Prevent them from accessing this information by changing all your social network account passwords as soon as possible.
Check all your other accounts sharing the same password as your compromised email, if you have any. Modify their password too, ensuring to pick each time a new and unique password. Do the same with any other account remotely linked (external account, …) with the compromised account.
3 – Check your bank account
Was your bank account or another financial account (Paypal, for instance) compromised? Then, search for any irregular transactions. If it’s not done yet, activate SMS alerts for new transactions. In case you detect any malicious activity, contact your bank immediately and ask them to freeze your account (until things get under control).
4 – Check for sent spam
Some hackers hack email accounts to launch spam attacks. They generally use your contacts list, and send phishing or spam emails with your email address as the sender address. They aim to trick your friends into providing personal information, clicking on a malicious link, or downloading a malware-infected file.
It can be hard to tell if your account was used in this way, but checking your inbox for replies can help you determine if your contacts were targeted. If you do find some replies evoking spam, let the person know that you didn’t send the email and that your account was compromised.
5 – Check your apps
Once you have recovered your hacked email account, secured it again, and have dealt with the consequences of the hacking attempt, ensure that you can still access your account via your apps. If you use Windows Mail, Outlook, or another similar program, you’ll have to change the passwords on those apps. Every software is different, but for most, you’ll have to get into the “Settings” menu to make the change.
6 – Protect yourself from another hack
The risk of email hacking is increasing, but there are preventive measures that can help.
Choose a random phrase or phrase of at least eight characters, using a combination of uppercase and lowercase letters, characters and numbers, and don’t use actual words. Avoid using a password that you have already used for another account. Use password manager services like KeePass and LastPass. They will help you to create long and complicated passwords and also store them securely, avoiding the burden of memorizing them.
7 – Add extra layers of security
- Use two-factor authentication to secure email and other accounts whenever it’s proposed;
- Use an antivirus on all your devices and keep it constantly updated (activate the automatic updates);
Often, email intrusions have been made possible because of a previous malware infection allowing the hacker to get all your passwords. Check for any virus or malware launching a deep scan on your antivirus software on all your devices.
Go even further
Inform your friends, family, and company that you’ve been hacked
Hackers may use your email account to send phishing emails, including a ransomware or any other kind of malware such as a keylogger to all your contacts. It’s therefore essential to inform all of them your email has been compromised to prevent further damage to others. Don’t forget to contact all your contacts on social media, as the hackers may seek to prey on them too.
Report your hacking
If your data leaked online and you are a European Union resident, take advantage of the “right to be forgotten” law.
General Good Practices
- Backup regularly all your files;
- Learn to keep your data and your devices secure in all circumstances;
- Use a secure email solution such as Mailfence;
- Learn to spot all cyberthreats. Discover our Email security and privacy awareness course, a training course aiming to teach you how to protect yourself from today’s cyberthreats in a factual way, avoiding jargon and too technical explanations.
Mailfence is a secure and private email suite using end-to-end encryption, digital signatures and 2FA. It includes a calendar with polls and groups management, a chat service, contact management software and a document storage and management tool. It means you can work, communicate, share files and collaborate in a private and secure manner. Check about our free plan here to give it a try now!
– Mailfence Team
Share This Article
Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem