This month, it was confirmed that every single Yahoo account was compromised in the 2013 data breach. That’s 3 billion accounts. Data stolen included names, email addresses, phone numbers and birth dates, among other information. And, of course, that’s just one in a series of recent massive security breaches. The odds are that if you haven’t already been hacked, you will be.
If your email account has been hacked, would you know what to do? Changing your password isn’t good enough. You’ll also want to make sure the hacker hasn’t set up your account to let him get back in or to keep spamming, even after he’s locked out. Here’s what you need to do to get everything back in order and keep hackers out of your account for good.
Step #1: Change your password
The very first thing you should do is keep the hacker from getting back into your email account. Change your password to a strong password that is not related to your prior password; if your last password was billyjoe1, don’t pick billyjoe2—and if your name is actually BillyJoe, you shouldn’t have been using your name as your password in the first place.
Try using a meaningful sentence as the basis of your new password. For example, “I go to the gym in the morning” turns into “Ig2tGYMitm” using the first letter of each word in the sentence, mixing uppercase and lowercase letters and replacing the word “to” with “2.”
Step #2: Reclaim your account
If you’re lucky, the hacker only logged into your account to send a mass email to all of your contacts.
If you’re not so lucky, the hacker changed your password too, locking you out of your account. If that’s the case, you’ll need to reclaim your account, which is usually a matter of using the “forgot your password” link and answering your security questions or using your backup email address.
Step #3: Enable two-factor authentication
Set your email account to require a second form of authentication in addition to your password whenever you log into your email account from a new device. When you log in, you’ll also need to enter a special one-time use code the site will text to your phone or generated via an app.
Step #4: Check your email settings
Sometimes hackers might change your settings to forward a copy of every email you receive to themselves so that they can watch for any emails containing login information for other sites. Check your mail forwarding settings to ensure no unexpected email addresses have been added.
Next, check your email signature to see if the hacker added a spammy signature that will continue to peddle their dubious wares even after they’ve been locked out.
Check your “reply to” email address. Sometimes hackers will change your “reply to” email address to one they’ve created that looks similar to yours. So when someone replies to your email, it goes to the hacker’s account, not yours.
Last, check to make sure the hackers haven’t turned on an auto-responder, turning your out-of-office notification into a spam machine.
Step #5: Scan your computer for malware
Run a full scan with your anti-malware program. You do have an anti-malware program on your computer, right? If not, download the free version of Malwarebytes and run a full scan with it. I recommend running Malwarebytes even if you already have another anti-malware program; if the problem is malware, your original program obviously didn’t stop it, and Malwarebytes has resolved problems for me that other anti-malware software wasn’t able to resolve. Scan other computers you log in from, such as your work computer, as well.
If any of your scans detect malware, fix it and then go back and change your email password again (because when you changed it in step #1, the malware was still on your computer).
Step #6: Find out what else has been compromised
My mother-in-law once followed the ill-advised practice of storing usernames and passwords for her various accounts in an email folder called “Sign-ups.” Once the hacker was into her email, he easily discovered numerous other logins.
Most of us have emails buried somewhere that contain this type of information. Search for the word “password” in your mailbox to figure out what other accounts might have been compromised. Change these passwords immediately; if they include critical accounts such as bank or credit card accounts, check your statements to make sure there are no suspicious transactions.
It’s also a good idea to change any other accounts that use the same username and password as your compromised email. Spammers are savvy enough to know that most people reuse passwords for multiple accounts, so they may try your login info in other email applications and on PayPal and other common sites.
Step #7: Humbly beg for forgiveness from your friends
Let the folks in your contacts list know that your email was hacked and that they should not open any suspicious emails or click on any links in any email(s) that recently received from you. Most people will probably have already figured out that you were not the one recommending they buy Viagra from an online pharmacy in India—but you know, everyone has one or two friends who are a little slower to pick up on these things.
Step #8: Prevent it from happening again
While large-scale breaches are one way your login information could be stolen, many cases are due to careless creation or protection of login information.
A look at Splash Data’s worst passwords reveals people still choose common passwords and passwords based on readily available information, making their accounts hackable with a few educated guesses. Easy passwords make for easy hacking, and spammers use programs that can cycle through thousands of logins a second to identify weak accounts.
Picking a strong password is your best protection from this type of hacking. It also is prudent to use a different password for each site or account, or, at the very least, use a unique password for your email account, your bank account, and any other sensitive accounts. If you’re concerned about keeping track of your passwords, find a password management program to do the work for you.
Limit the amount of personal information you share publicly on social media. Hackers use this publicly available personal information to help answer security questions that protect your accounts.
Bookmark websites that you frequently use to access personal information or input credit card information. This will prevent you from accidentally landing on a site that hackers set up to catch people mistyping the site address.
In a friend’s case, her passwords were pretty good and there was no malware on her computer. But she was careless about where she was logging in. On a recent trip overseas, she used the computer in her hotel lobby to check her email. That was a bad idea.
Computers in hotel lobbies, libraries, and other public places are perfect locations for hackers to install key-logging programs. The computers are often poorly secured and get used by dozens of people every day who don’t think twice about logging into their email or bank accounts or entering credit card information to make a purchase. The best practice is to assume that any public computer is compromised and proceed accordingly.
Kantra, Suzanne. “What To Do When Your Email Gets Hacked,” Techlicious, Computers & Software, 10/23/2017