Skip to content

Would you know if you’d had your email hacked?

October 19th, 2015

Martin

Yes, you would! Your friends would soon start telling you about how they’d received nonsensical emails from you, and people you’d never even heard of (possible businesses you’d once had email contact with) would be sending you confused messages and “I’m currently out of the Office” type mail.

It can be embarrassing, but this isn’t the time to worry about that. You’ve got to move into action straight away, to make sure the damage is limited.

Why was my email hacked?

Your email account is a powerful tool. It lets you reach billions of people for next to no cost, and lets companies keep in touch with you about their latest offers and updates.

Unfortunately, that’s exactly why it’s misused, and email hacking is just one of the ways in which this happens.

The good news is that the emails you sent to your friends might not be dangerous – they merely have given the hackers a way into hacking their email account too. The real goal comes later.

Once enough email accounts are in the hands of the hackers, letting them send millions of emails on a whim, they can sell this power to the highest bidder (in fact, to anyone with enough cash). And that’s when the proper spam starts, with promises of million dollar misplaced wills and attempts to get your bank account details. And there are the virus-laden emails too.

Of course, you don’t want to make the email hackers’ jobs any easier, do you? So what action should you take?

What to do if you think you’ve had your emails hacked

1. Change your email password

The very first thing is to change the password associated with that email address. It doesn’t matter whether it was a super powerful 30 character string or ‘password123’ – it’s now in the hands of the hacker.

There’s usually an easy way to change your password. Look for the ‘Settings’ page on the web page where you check your email, perhaps represented by a cog symbol or three stacked horizontal bars.

Look out for icons like these to change your settings

Look out for icons like these to change your settings

2. Check the backup email address

The next thing is to check whether your account has a ‘backup’ email address associated with it. This is a second email address to which the email host sends important messages if you get locked out of your account. For instance, if your email address is shipshape@hotmail.co.uk, then you may have told Hotmail to send any ‘lost my password’ emails to shipshape@gmail.com, because of course if you’ve lost your password you can’t get into shipshape@hotmail.co.uk!

Check that this address setting is either empty, or contains an address which you control. If it contains an unfamiliar email address then the hackers may even be able to change your password and lock you out!

3. Change other account passwords

The third step is rather annoying, and can take a long time. Don’t be tempted to skip it though.

If you have other accounts with popular sites like Facebook or Twitter which use the same email address and password as the hacked email account, then you need to change, at the very least, the password for these too. The hackers who now know your username and password for your email address will immediately try that combination on the other sites, and the problem could spiral.

I know it’s a pain, but it’s also a good reminder that you should use different passwords for every site you use.

If you really want to be extra careful, then you should consider changing the email address associated with those other accounts, but this is where the trouble might be more than it’s worth.

4. Let your friends know

You don’t have to tell everyone on your contacts list, but email your closest friends and family to tell them that you’ve been hacked, and that they should delete any odd emails that they’ve received from you in the last couple of days.

Most important of all, tell them not to click on any links in those emails! Simply clicking the link might be enough to steal their login details.

5. Do a couple of security scans

One you’ve battened down the hatches, and changed your passwords, do a security scan with your existing anti-virus suite. Here at Ship Shape Computers I recommend Kaspersky Internet Security, which repeatedly comes top of the comparison lists. Deal with any issues as instructed.

Secondly, do a scan with a specialist malware scanner like Malwarebytes Antimalware. This will pick up a lot of things that your antivirus might miss, and will deal with non-virus things too like cookies and adware (software which contains adverts).

6. Update your phone and tablet passwords

Finally, if you’ve changed your passwords for some of your online accounts you’ll need to check any phones, tablets or other computers which use those passwords, and update them to reflect this.

Open the Facebook app, for example, and you’ll likely be told that your password is incorrect. So put in your new one, and do the same for other apps, such as email, Pinterest and Skype.

How to prevent yourself getting into this situation in the first place

How do you end up getting your emails hacked in the first place? And how do you stop it happening again?

Well, it’s true that hackers are always coming up with ever more ingenious ways of getting your private information off you. But there are characteristics to look out for.

If you’re ever asked to confirm your log-in details by a site, especially if it comes somewhat out of the blue, check the address in the top bar. Is it definitely the site that appears to be? Be especially careful it’s not something similar but not the same as the site it looks like. Is yahoooh.org.uk asking for your Yahoo password? Or faceb00k.com asking for your facebook.com details? (Note those zeroes – not letter ‘o’s!).

The usual internet safety rules also apply, so avoid opening emails that are from people who you don’t know. Make sure your email program does not automatically load images or other attachments. And certainly never click on any links in suspicious emails.

Ask yourself: was I expecting this email? Is it trying to get me to type in secure details into a website? And if it is, is this something I have requested?

If in doubt, stop! 🙂

And as always, if you’ve any doubts as to whether you’ve been hacked, you can give me a ring and I’ll answer any questions you have over the phone (for free!). If you decide that a more detailed inspection is needed, I can come and do this for you, at your home.

Comments are closed.