If you find that your email has been hacked, one of your immediate reactions is wondering what you should next.
The answer: take a deep breath and jump into action. There are five steps can help you prevent or minimize any damage done by a compromised account.
So why do hackers go after email accounts? Fact is, that email account of yours is a treasure trove. There’s a good chance it contains years of correspondence with friends and family, along with yet more email from banks, online retailers, doctors, contractors, business contacts, and more. In all, your email packs a high volume of personal info in one place, which makes your email account a top prize for hackers.
Let’s take a look at how you can take back control of your email account, along with some things you can do to keep it from getting hacked in the first place.
You can’t log into your email account:
This one speaks for itself. You go to check your email and find that your username and password combination has been rejected. You try again, knowing you’re using the right password, and still no luck. There’s a chance that a hacker has gotten a hold of your password, logged in, and then changed the password—thus locking you out and giving them control of your account.
One of your contacts asks, “Did this email really come from you?”
Hackers often compromise email accounts to spread malware on a large scale. By blasting emails to everyone on your hacked contact list, they can reach dozens, even hundreds, of others with a bogus email that may include an attachment that’s infected with malware. And no doubt about it, some of those emails can look a little odd. They don’t sound or read at all like the person they’re trying to impersonate—you—to the extent that some of your contacts may ask if this email really came from you.
On the flip side, this is a good reason to never open attachments you weren’t expecting. Likewise, if you get a somewhat strange email from a friend or business contact, let them know. You may be the first indication they get that their email has been compromised.
Slow and erratic device performance:
A sluggish device could be a sign of malware in general. The thing with malware is that it tends to act like a system and resource hog, which may cause your device to run slowly, to turn off and on again suddenly, or even run hot. In some cases, the malware is logging keystrokes on your computer or taps on your phone to siphon off things like usernames and passwords so that a hacker can take control of the accounts associated with them—such as your email, not to mention your bank accounts. This makes a strong case for antivirus and antimalware protection that’s automatically kept up to date to protect against the latest threats.
What should I do if my email is hacked?
1) Change your passwords:
Change your password for your email account if you can. Make it a strong, unique password—don’t reuse a password from another account. Next, update the passwords for other accounts if you use the same or similar passwords for them. (Hackers count on people using simpler and less unique passwords across their accounts—and on people reusing passwords in general.) A password manager that’s included with comprehensive online protection software can do that work for you.
2) Use your email provider’s recovery service, if needed:
In the case where you’ve been locked out of your account because you think the hacker has changed the password, your email provider should have a webpage dedicated to recovering your account in the event of a lost or stolen password. (For example, Google provides this page for users of Gmail and their other services.) This is a good reason to keep your security questions and alternate contact information current with your provider, as this is the primary way to regain control of your account.
3) Reach out to your email contacts:
As mentioned above, a big part of the hacker’s strategy is to get their hooks into your address book and spread malware to others. As quickly as you can, send a message to all your email contacts and let them know that your email has been compromised. And if you’ve done so, let them know that you’ve reset your password so that your account is secure again. Likewise alert them that they shouldn’t open any emails or attachments from you that were sent during the time your account was compromised.
4) Scan your device for malware and viruses:
Also as mentioned above, there are several ways that a hacker can get a hold of your email account information—one of them by using malware. Give your device a thorough virus scan with comprehensive online protection software to ensure your device is free from malware. Set up a regular scan to run automatically if you haven’t already. That will help keep things clean in the long run.
5) Check your other accounts:
Sometimes one bad hack leads to another. If someone has access to your email and all the messages in it, they may have what they need to conduct further attacks. Take a look at your other accounts across banking, finances, social media, and other services you use and keep an eye out for any unusual activity.
The bigger picture: Keep tabs on your identity
More broadly speaking, your email account is one of the several pieces that make up the big picture of your online identity. Other important pieces include your online banking accounts, online shopping accounts, and so on. No question about it, these are things you want to keep tabs on.
With that, check your credit report for any signs of strange activity. Your credit report is a powerful tool for spotting identity theft. And in many cases, it’s free to do so. In the U.S., the Fair Credit Reporting Act (FCRA) requires the major credit agencies to provide you with a free credit check at least once every 12 months. Canada provides this service, and the UK has options to receive free reports as well, along with several other nations. It’s a great idea to check your credit report, even if you don’t suspect a problem.
Beyond keeping tabs on your identity, you can protect it as well. Online identity protection such as ours can provide around-the-clock monitoring of your email addresses and bank accounts with up to $1M of ID theft insurance in the event your identity gets compromised. Additionally, it can put an identity recovery pro on the case if you need assistance in the wake of an attack or breach. Taking a step like this can help keep your email account safer from attack in the first place—along with many others as well.