What To Do When Your Email Gets Hacked

You just received a call from a friend or co-worker indicating they just received a suspicious e-mail from you. You quickly realize that your e-mail account must have been hacked, now you need to get the bad guys out of your account.  Here are a few steps to get your account back into working order:


Step #1:  Change your password

The very first thing you should do is lock the hacker out of your account.  Since the hacker may have installed malware on the computer you typically use to check e-mail, you should consider using a different computer.  Make the password a "strong" password, this means it shouldn't be:  password, your dog's name, your kid's name, someone you are in a relationship with or anything else that could be picked up from your Facebook page.

Step #2:  Reclaim your account

The reality is only the lucky ones have some virus that sends a mass e-mail to contacts.  For the rest of us the hacker has managed to change the password too, locking you out of your account.  If that's the case, you'll need to reclaim your account.  Usually this is a matter of using the "forgot your password" link and answering your security questions or receiving a one-time code.

Step #3:  Enable two-factor authentication

Set your email account to require a second form of authentication in addition to your password whenever you log into your email account from a new device.  When you log in, you'll also need to enter a special one-time use code the site will text to your phone or generated via app.

Step #4:  Check your email settings

Sometimes hackers might change your settings to forward a copy of every email you receive to themselves, so they can watch for any emails containing login information for other sites.  Check your mail forwarding settings to ensure no unexpected email addresses have been added.

Next, check your email signature to see if the hacker added a spammy signature that will continue to peddle their dubious wares even after they have been locked out.

Last, check to make sure the hackers haven't turned on an auto-responder, turning your out-of-office notification into a spam machine.

Step #5:  Scan your computer for malware

Run a full scan with your anti-malware program.  You do not have an anti-malware program on your computer, right?  If not, download the free version of Malwarebytes or another malware solution.  Even if you run an anti-virus program you need to do a specific scan for malware.

Step #6:  Find out what else has been compromised

Many users will keep user names/passwords and other login information on their email system.  Do a search for "password" in your e-mail system and see what you come up with.  All of these accounts should be considered compromised.  You will need to login to everything and change those credentials.

Step #7:  Prevent it from happening again

While large-scale breaches are one way your login information could be stolen - last summer, Russian criminals stole 1.2 billion usernames and passwords - they're certainly not the only way.  Many cases are due to careless creation or protection of login information.

Google released a study that reveals most people choose passwords based on readily available information, making their accounts hackable with a few educated guesses.  Easy passwords make for easy hacking, and spammers use programs that can cycle through thousands of logins a second to identify weak accounts.

Picking a strong password is your best protection from this type of hacking.  It also is prudent to use a different password for each site or account, or, at the very least, use a unique password for your email account, your bank account and any other sensitive accounts.  If you're concerned about keeping track of your passwords, find a password management program to do the work for you.

You also need to be mindful or where you are when accessing the internet.  Computers in hotel lobbies, libraries and other public places are perfect locations for hackers to install key-logging programs.  The computers are often poorly secured and get used by dozens of people every day who don't think twice about logging into their email or bank accounts or entering credit card information to make a purchase.  The best practice is to assume that any public computer is compromised and proceed accordingly.