E-mail account hacked: what now?
If your e-mail account has been hacked, sensitive data can quickly get into the wrong hands: internet criminals can access your online payment services (e.g. PayPal), make purchases on your behalf, expose company secrets and even attempt confidence tricks. The effects can be disastrous, but instead of panicking, you need to keep calm and follow the steps of our 'crisis plan'. Because in many cases, you can regain control of your account before anything bad happens.
How can an e-mail account be hacked?
The most important step in protecting an e-mail account is prevention. Once you know how an e-mail account can be hacked, you can protect it better. Internet criminals use different methods to get hold of e-mail addresses and their passwords. Particularly well-known are hacking attacks on the servers of large websites that aim to steal user data. Phishing and malware are also frequently used.
Data theft during server attacks
Large-scale hacking attacks on businesses regularly make the headlines. Criminals manage to obtain the data and log-in information of millions of customers. Since many internet users use a single password for everything, hackers only need to crack that one password to gain access to countless e-mail and website accounts. You can easily prevent this by creating a unique and secure password for each login. The most secure passwords contain random combinations of letters, numbers, and special characters. Since hacking attacks are often only discovered when it’s too late, you have to act quickly and change your passwords immediately.
Phishing using fake e-mails
The second possibility is phishing e-mails, where spambots send masses of fake e-mails asking the recipient to enter personal information on fake websites. These e-mails pretend to come from a known website and ask for the recipient’s password 'for security reasons'. The recipient is then redirected to a fake website that is deceptively similar to the authentic one. The password isn’t checked for security, however, but is sent directly to internet criminals. Legitimate websites, mail providers, payment services, and online stores never ask their users for passwords by e-mail. Don’t hand out your information to anyone who asks for it. If you are unsure whether an e-mail is legitimate, check with the respective website directly.
The third method cybercriminals use to get hold of sensitive data is a malware attack. Malicious programmes are usually sent as e-mail attachments with misleading file names. If such an attachment is opened, the malicious software is installed on the user’s computer automatically. These programmes run quietly in the background and spy on sensitive data and passwords. Keyloggers, for example, record all keyboard entries on the infected PC and transmit them to the internet criminal – including any passwords. The most effective protection against spyware is up-to-date anti-virus protection together with an activated firewall. But as a user, you should also exercise caution: be sceptical at all times and check a mail’s authenticity before opening any attachment.
What to do if your e-mail has been hacked
Are you worried that your e-mail account has been hacked? First, confirm your suspicion: in this article we explain in detail how to tell if your account has been hacked. You can also use Have I Been Pwned to find out whether one of your accounts has been compromised in a data breach. If you discover that unknown users have access to your accounts, or you’ve noticed unusual activity associated with one of them, follow the steps of the 'crisis plan':
- Try to log into your account as usual. If you can do so without any problems, your password has not yet been changed by the hackers. Change it yourself as soon as possible: go to your e-mail provider’s website and change the password in your account settings. You must then log in on all your devices with the new password, otherwise you won’t receive notifications of incoming mail. The same security measures outlined above also apply here: choose a password that you will ONLY use for your e-mail account. If you are still using this password on another website, you should change it there immediately.
Change your passwords regularly and use a unique password for each account. This should be as long as possible and consist of upper and lower case letters, digits, and special characters. A password manager can help you keep track of them all.
- If the password has already been changed by unauthorised persons, you can regain control of your account by answering one or more security questions (this is the case with most mail providers). To do this, use the 'Forgot your password?' feature. When you set up your account, you may have chosen to answer security questions such as 'What is your mother’s maiden name?' or 'What was the name of your first pet?'. Usually you are the only one who knows the answers. Other providers use your mobile phone number or a second e-mail address to confirm that access may be granted. If the questions are answered correctly, you will be sent a new password by e-mail. Change this new password (not back to the previous one!) to lock the unauthorised persons out.
- Now you have to investigate the cause: scan your entire system for malware, ideally with a rescue disc or an online scanner. Rescue discs are available from all major anti-virus software developers such as Kaspersky; Bitdefender provides a free online scan. The reason for this measure: if the password was captured with a keylogger, the malicious software could also read the newly-changed passwords. If the scan finds something, change the password once again after the malware has been removed. Only this way can you be sure that the malicious software hasn’t stolen your new password as well. If there was no malicious programme on your computer, you were most likely the victim of a phishing mail or large-scale data theft.
- Once you have access to your inbox again, your system has been checked, and the password has been changed, you need to work out what damage the hackers have caused. Get an overview of the extent of the attack and, if necessary, secure evidence: have spam e-mails been sent from your e-mail address? Have purchases been made from your account? This has to be determined so that, in case of a dispute, you can prove that the fraud happened. If you or someone else (e.g. online shops) suffered a financial loss, report it to the police immediately and, if necessary, consult a lawyer.
- Finally, you should prepare for the future. The best idea is to change all your passwords: if, for example, a keylogger was installed on your computer, the hackers may have been able to access your other passwords too. Since secure passwords can be difficult to remember, you can use a password manager that remembers them for you. These programmes manage all your passwords and remind you to change them at regular intervals, so it’s easy to keep an overview. In addition, you should protect your most important accounts with two-factor authentication. This is a double security system that requires a separate code in addition to the password when you log in. The code is usually sent to the authorised recipient by SMS. The device is only authenticated when both the password and the code are entered. Hackers, on the other hand, can at most find out the password, but not the code that goes with it. More and more mail providers and web portals offer two-factor authentication in their account settings.
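The crisis plan points to Have I Been Pwned for checking whether an account turned up in a data breach and tells you to replace any password that was reused elsewhere. The same service also lets you check a password against its breach corpus without sending the password anywhere: only the first five characters of its SHA-1 hash go to the Pwned Passwords range API, and the comparison happens on your machine. The following is an added example, not code from the article or from Have I Been Pwned; the range response is a constructed sample (only the suffix for the word "password" is a real SHA-1 fragment, the other entries and all counts are made up), and the live fetch_range function needs network access.

```python
import hashlib
from typing import Optional
from urllib.request import urlopen

# Constructed sample of a range response for prefix 5BAA6. Format is "SUFFIX:COUNT"
# per line; a count of 0 is a padding entry the API can add to hide response size.
SAMPLE_RANGE_5BAA6 = "\r\n".join([
    "0123456789ABCDEF0123456789ABCDEF012:7",          # made-up entry
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493",    # suffix of SHA-1("password"), made-up count
    "FEDCBA9876543210FEDCBA9876543210FED:0",          # made-up padding entry
])

def split_sha1(password: str):
    """Hash the password and split the hex digest: the first 5 characters are
    sent to the service, the remaining 35 never leave the machine."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def count_in_range(suffix: str, range_body: str) -> int:
    """Return the breach count for our suffix from a range response, or 0."""
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix.upper():
            return int(count or 0)
    return 0

def fetch_range(prefix: str) -> str:
    """Live lookup of one 5-character prefix (network access required)."""
    url = f"https://api.pwnedpasswords.com/range/{prefix}"
    with urlopen(url, timeout=10) as resp:
        return resp.read().decode("utf-8")

def check_password(password: str, range_body: Optional[str] = None) -> int:
    """How often the password appears in the corpus; 0 means not found.
    Pass range_body to work offline (e.g. the constructed sample above)."""
    prefix, suffix = split_sha1(password)
    body = range_body if range_body is not None else fetch_range(prefix)
    return count_in_range(suffix, body)

if __name__ == "__main__":
    hits = check_password("password", SAMPLE_RANGE_5BAA6)
    print(f"'password' seen {hits} times -> {'change it' if hits else 'not in corpus'}")
```

Any non-zero count means the password has appeared in a breach and should be replaced everywhere it is used, which is exactly the reuse problem the plan warns about.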