If your email account has been hacked, would you know what to do? Changing your password isn't good enough. You'll also want to make sure the hacker hasn't set up your account to let him get back in or to keep spamming, even after he's locked out. Here's what you need to do to get everything back in order and keep hackers out of your account for good.
Step #1: Run a security scan on your computer
Run a full scan of your computer with your anti-malware software — don't do a quick scan, if that's an option. Sending email to your friends and family isn't the end goal for hackers. They want to separate you from your money and that means that they'll try to install keyloggers to get your passwords and other malware. We like Malwarebytes (free for Mac/Windows) as well as Bitdefender Total Security (check price on Amazon) and Symantec Norton 360 Deluxe (check price on Amazon).
Step #2: Change your password and security questions
The very first thing you should do is keep the hacker from getting back into your email account. Change your password to a strong password that is not related to your prior password; if your last password was billyjoe1, don't pick billyjoe2—and if your name is actually BillyJoe, you shouldn't have been using your name as your password in the first place.
Try using a meaningful sentence as the basis of your new password. For example, “I go to the gym in the morning” turns into “Ig2tGYMitm” using the first letter of each word in the sentence, mixing uppercase and lowercase letters and replacing the word “to” with “2.”
Don't just change your email password. Also change the passwords of any accounts that share the same password as your hacked email account and even those that are variation of that password. As an extra security measure, also change the passwords for any sites that story your credit card information, like your Nextlix, Amazon and credit card company.
For accounts that require security questions, change those as well. And if the questions are generic, like what's your mother's maiden name, lie when answering and record those answers in your password manager. If you want to be extra careful, use a password generator to create a nonsense answer.
Step #3: Reclaim your account
If you’re lucky, the hacker only logged into your account to send a mass email to all of your contacts.
If you’re not so lucky, the hacker changed your password too, locking you out of your account. If that’s the case, you’ll need to reclaim your account, which is usually a matter of using the “forgot your password” link and answering your security questions or using your backup email address.
Step #4: Enable two-factor authentication
Set your email account to require a second form of authentication in addition to your password whenever you log into your email account from a new device. When you log in, you'll also need to enter a special one-time use code the site will text to your phone or generated via an app.
Step #5: Check your email settings
Sometimes hackers might change your settings to forward a copy of every email you receive to themselves so that they can watch for any emails containing login information for other sites. Check your mail forwarding settings to ensure no unexpected email addresses have been added.
Next, check your email signature to see if the hacker added a spammy signature that will continue to peddle their dubious wares even after they've been locked out.
Check your "reply to" email address. Sometimes hackers will change your "reply to" email address to one they've created that looks similar to yours. So when someone replies to your email, it goes to the hacker's account, not yours.
Last, check to make sure the hackers haven’t turned on an auto-responder, turning your out-of-office notification into a spam machine.
Step #6: Find out what else has been compromised
My mother-in-law once followed the ill-advised practice of storing usernames and passwords for her various accounts in an email folder called "Sign-ups." Once the hacker was into her email, he easily discovered numerous other logins.
Most of us have emails buried somewhere that contain this type of information. Search for the word "password" in your mailbox to figure out what other accounts might have been compromised. Change these passwords immediately; if they include critical accounts such as bank or credit card accounts, check your statements to make sure there are no suspicious transactions. You should also consider adding a fraud alert or security freeze to your accounts with the major credit agencies.
Step #7: Humbly beg for forgiveness from your friends
Let the folks in your contacts list know that your email was hacked and that they should not open any suspicious emails or click on any links in any email(s) that recently received from you. Most people will probably have already figured out that you were not the one recommending they buy Viagra from an online pharmacy in India—but you know, everyone has one or two friends who are a little slower to pick up on these things.
Step #8: Prevent it from happening again
While large-scale breaches are one way your login information could be stolen, many cases are due to careless creation or protection of login information.
A look at Splash Data's worst passwords reveals people still choose common passwords and passwords based on readily available information, making their accounts hackable with a few educated guesses. Easy passwords make for easy hacking, and spammers use programs that can cycle through thousands of logins a second to identify weak accounts.
Picking a strong password is your best protection from this type of hacking. It also is prudent to use a different password for each site or account, or, at the very least, use a unique password for your email account, your bank account and any other sensitive accounts. If you're concerned about keeping track of your passwords, find a password management program to do the work for you. Check out our picks for the best password managers.
Limit the amount of personal information you share publicly on social media. Hackers use this publicly available personal information to help answer security questions that protect your accounts.
Bookmark websites that you frequently use to access personal information or input credit card information. This will prevent you from accidentally landing on a site that hackers set up to catch people mistyping the site address.
In a friend's case, her passwords were pretty good and there was no malware on her computer. But she was careless about where she was logging in. On a recent trip overseas, she used the computer in her hotel lobby to check her email. That was a bad idea.
Computers in hotel lobbies, libraries and other public places are perfect locations for hackers to install key-logging programs. The computers are often poorly secured and get used by dozens of people every day who don't think twice about logging into their email or bank accounts or entering credit card information to make a purchase. The best practice is to assume that any public computer is compromised and proceed accordingly.
Updated: 6/4/2020 with new resources
[email security keyboard via Shutterstock]