What to Do If Your Email Account Gets Hacked

Hacker email

Perhaps it is just a coincidence, but I’ve had a couple of people that I know who have had their email accounts hacked recently. Given all of the personal information we send and receive in email messages, that can be a traumatic experience. One victim wondered if she should take a scorched earth policy, and move completely to a new email account. That’s normally not necessary. If you still have access to your account, you can take some steps to secure it, and keep the slimy criminal out.

original photo by Don Hankins

First of all, make sure that you’ve really been hacked. Just because someone gets an email that looks like it came from you, doesn’t mean that you’ve been hacked. It is very easy to spoof an email address, and send a message so that it appears to come from someone else. Spammers do this all the time, and it doesn’t mean that they have access to your account (think of a spammer putting your return mailing address on a bunch of envelopes that he mails out, and you have the idea). But if you’ve learned that a few of your contacts have been getting messages from you that you didn’t send, then you probably have been hacked. Here’s what you need to do to secure your account.

 

Step 1 – Regain Access to Your Account

This step might not apply to you, but if a hacker has taken over your account and locked you out by changing your password, the first step will be to regain access to it. Twitter has a nice list of how to recover access to accounts for various providers. If you’re on Gmail, hopefully you followed our suggestion to take down the information that will help you recover a compromised Gmail account. If you use Gmail and have set up the ability to recover your account via text message, and the hacker hasn’t already changed the mobile number associated with your account, you can recover your account using that method.

 

Step 2 – Shut Down the Hacker’s Ability to Reset Your Password

Before you do anything, you should check your email settings and determine the address that your account uses for lost passwords (i.e. the backup email address most providers ask for, to which they send the “reset your password” link). The hacker could have snuck his address in there, which would enable him to retake your account, even if you change your password. You should remove the hacker’s address and add yours if that happened. If you don’t, all of the steps that follow could be rendered moot. If you use Gmail, you should also check the mobile number associated with your account, as mentioned in step 1, and make sure that the hacker hasn’t changed that, too.

 

Step 3 – Remove Bogus Forwarding Addresses

If your provider allows you to add forwarding addresses, you should check your settings to make sure that all of the forwarding addresses in your account are yours. In Gmail, check your filters, too, to make sure that you don’t see any addresses that you don’t recognize. You want to make sure that a hacker isn’t getting a copy of all incoming mail forwarded to him or her at some external address.

 



Step 4 – Revoke Access From Other Accounts

If you had set up your account so that you could access your email account from another provider (for example, I can have my Gmail account pull down my Yahoo mail), you should go to those other accounts and revoke permission to check your main email. This will protect you if the hacker was actually accessing your main email via the secondary account. Step 5, below, will usually serve to revoke this access on its own, but it is best to be thorough. If you don’t use a secondary account to access your main account, you don’t need to worry about this step.

 

Step 5 – Change Your Password and Secret Questions

You should change your password on your account, and then very quickly go and change the “secret questions” on your account. “Secret questions” are the questions that most providers have you set up so that you can recover your account if you lose your password, such as “what was the model of your first car?” You should change this to something that isn’t obvious, because if the hacker knows the answer to your secret question, he could regain access even after you change your password.

 

Step 6 – Assess the Damage That Was Done

One of the reasons that having your email hacked is so bad, is because we often can reset passwords on other sites by having reset information sent to us via email. So it is possible that a hacker could gain access to your email, and then use that to gain access to other sites. It is important, therefore, that you check out other important sites, reset your passwords there, and make sure that no bogus contact info is in your account settings on those sites. You probably also want to search your messages for the word “password” in order to find any messages containing password information for other accounts. Get the passwords on those accounts changed right away. Finally, check your Sent and Deleted messages folders, to possibly get a glimpse at what the hacker was up to. If he tried to swindle some of your friends via your email account, get in touch with them and let them know you were hacked.

 

Step 7 – Protect Your Account From Getting Hacked Again

That sure was a hassle, wasn’t it? To make sure that it doesn’t happen again, take some steps to protect yourself. We previously wrote about some tips to follow to protect your account.

Beyond those tips, use long, complex passwords, and make sure that the answer to your password recovery question isn’t easy to guess or figure out. If you use Gmail, you should think about setting up two-factor authentication, which will protect your account even if someone gets your password. You also should make sure that you use unique passwords for all your accounts, including your email account. LastPass and 1Password are two good choices for this. And, as we mentioned earlier in this post, record the info now that you’ll need to use to recover a compromised Gmail account, and make sure you’ve configured Gmail so that you can recover your password via text message.

 

These are some ideas about how to secure a hacked account. If you have any suggestions to add, let us know in the comments.

Evan Kline

Hello, I'm Evan. I write about tech from my perspective – that of the average 40-something tech geek. You can also find me on Twitter and at my real-life job as a lawyer.    MORE ABOUT ME.

16 Comments:

  1. Great tips here Evan.

    I have lost count of how many times friends assume they have been hacked but it is simply email address spoofing. The average Joe seems to struggle to understand that someone can easily fake an email address.

  2. We all use G-Mail now days, so if some one hacks your account, changes the password, you still have chance of changing the security question by trying to log in again and again, once Gmail will notice that you are entering the wrong password again and again, it will directly take you to the Security question page.. but what if someone changes the security question also? (i know this is difficult)

    • In the article are a couple of links that might help – 1 to reset things via SMS, and another on the info you should take down now, that you can use to prove you own the account if it is ever stolen from you.

  3. Lots of work in getting your account back. Sometimes it’s just easier to make a new one, you also get a spam free account with the change.
    That’s a welcomed thing if you’re like me and have a 10 yo account, gathers a lot of dirt on the way.

    • You know, I have had the same email account since 2002 and Google Mail do a brilliant job of filtering my spam. Ok, the Spam folder is full of it but my inbox is always nice and clean.

      • I’ve had similar luck, David. I’ve been using Gmail for several years now, and the spam filters are great. I can’t say the same thing for Yahoo.

      • But you can only hope it remains like that, spammers look for new methods to inbox every day.
        I’m pretty sure Gmail won’t last long either.

  4. How dose someone gets hacked in the first place? If your password contains some random upper and lower cases character as well as some numbers there is virtually no way to end up hacked. Oh yeah, and keep your password private, that means needs to know it except you and also, keep it in your mind, don’t write it down.

  5. My account was recently hacked. I didn’t even know it… the message that was sent out didn’t raise any red flags. Eventually someone asked if my account had in fact been hacked. It had. This process is how I had to make sure it didn’t happen again.

    These hackers are getting tricky… and sometimes even when the link is from a trusted account, it might be spam. I was hacked yet again. And changing my password didn’t help. I am safe now… for now. Great blog post, and one that a LOT of people sending out unknown direct messages should take note of.

  6. Pingback: Lock It Down: 5 Steps to Improve Your Online Security | The Doximity Blog

  7. My yahoo account was hacked yesterday 9-13,2012. Email was sent out that I was in Spain,etc. But what is so devastating is that I have lost all my folders. I have had this account since 2001. Over 650 email addresses, pictures of my mom that has been passed for four years and I could go on and on. Is there any way that I can retrieve this information. I am not very good with computers. HELP.

  8. Pingback: #CampusTec: Que hacer cuando a uno le “hackean” la cuenta de e-mail? | Blog de Maria Zaghi

Leave a Reply