Perhaps it is just a coincidence, but I’ve had a couple of people that I know who have had their email accounts hacked recently. Given all of the personal information we send and receive in email messages, that can be a traumatic experience. One victim wondered if she should take a scorched earth policy, and move completely to a new email account. That’s normally not necessary. If you still have access to your account, you can take some steps to secure it, and keep the slimy criminal out.
original photo by Don Hankins
First of all, make sure that you’ve really been hacked. Just because someone gets an email that looks like it came from you, doesn’t mean that you’ve been hacked. It is very easy to spoof an email address, and send a message so that it appears to come from someone else. Spammers do this all the time, and it doesn’t mean that they have access to your account (think of a spammer putting your return mailing address on a bunch of envelopes that he mails out, and you have the idea). But if you’ve learned that a few of your contacts have been getting messages from you that you didn’t send, then you probably have been hacked. Here’s what you need to do to secure your account.
Step 1 – Regain Access to Your Account
This step might not apply to you, but if a hacker has taken over your account and locked you out by changing your password, the first step will be to regain access to it. Twitter has a nice list of how to recover access to accounts for various providers. If you’re on Gmail, hopefully you followed our suggestion to take down the information that will help you recover a compromised Gmail account. If you use Gmail and have set up the ability to recover your account via text message, and the hacker hasn’t already changed the mobile number associated with your account, you can recover your account using that method.
Step 2 – Shut Down the Hacker’s Ability to Reset Your Password
Before you do anything, you should check your email settings and determine the address that your account uses for lost passwords (i.e. the backup email address most providers ask for, to which they send the “reset your password” link). The hacker could have snuck his address in there, which would enable him to retake your account, even if you change your password. You should remove the hacker’s address and add yours if that happened. If you don’t, all of the steps that follow could be rendered moot. If you use Gmail, you should also check the mobile number associated with your account, as mentioned in step 1, and make sure that the hacker hasn’t changed that, too.
Step 3 – Remove Bogus Forwarding Addresses
If your provider allows you to add forwarding addresses, you should check your settings to make sure that all of the forwarding addresses in your account are yours. In Gmail, check your filters, too, to make sure that you don’t see any addresses that you don’t recognize. You want to make sure that a hacker isn’t getting a copy of all incoming mail forwarded to him or her at some external address.
Step 4 – Revoke Access From Other Accounts
If you had set up your account so that you could access your email account from another provider (for example, I can have my Gmail account pull down my Yahoo mail), you should go to those other accounts and revoke permission to check your main email. This will protect you if the hacker was actually accessing your main email via the secondary account. Step 5, below, will usually serve to revoke this access on its own, but it is best to be thorough. If you don’t use a secondary account to access your main account, you don’t need to worry about this step.
Step 5 – Change Your Password and Secret Questions
You should change your password on your account, and then very quickly go and change the “secret questions” on your account. “Secret questions” are the questions that most providers have you set up so that you can recover your account if you lose your password, such as “what was the model of your first car?” You should change this to something that isn’t obvious, because if the hacker knows the answer to your secret question, he could regain access even after you change your password.
Step 6 – Assess the Damage That Was Done
One of the reasons that having your email hacked is so bad, is because we often can reset passwords on other sites by having reset information sent to us via email. So it is possible that a hacker could gain access to your email, and then use that to gain access to other sites. It is important, therefore, that you check out other important sites, reset your passwords there, and make sure that no bogus contact info is in your account settings on those sites. You probably also want to search your messages for the word “password” in order to find any messages containing password information for other accounts. Get the passwords on those accounts changed right away. Finally, check your Sent and Deleted messages folders, to possibly get a glimpse at what the hacker was up to. If he tried to swindle some of your friends via your email account, get in touch with them and let them know you were hacked.
Step 7 – Protect Your Account From Getting Hacked Again
That sure was a hassle, wasn’t it? To make sure that it doesn’t happen again, take some steps to protect yourself. We previously wrote about some tips to follow to protect your account.
Beyond those tips, use long, complex passwords, and make sure that the answer to your password recovery question isn’t easy to guess or figure out. If you use Gmail, you should think about setting up two-factor authentication, which will protect your account even if someone gets your password. You also should make sure that you use unique passwords for all your accounts, including your email account. LastPass and 1Password are two good choices for this. And, as we mentioned earlier in this post, record the info now that you’ll need to use to recover a compromised Gmail account, and make sure you’ve configured Gmail so that you can recover your password via text message.
These are some ideas about how to secure a hacked account. If you have any suggestions to add, let us know in the comments.