What Should You Do When Your Email Account Gets Hacked?
How often do you use your email account? Some of you probably contact their bosses and colleagues through it, and if you're a prolific online shopper, you likely store all the invoices in your inbox. It's fair to say, however, that email's role as the number one way of communicating online was usurped by other tools a while ago. As a result, we started paying less and less attention to it.
Some may even go as far as saying that getting their email accounts compromised is no big deal. Those people should reconsider. A hacked email account is a big deal, and we'll now show you why.
Your email can be used for resetting all your passwords
If you're not forced to reset your passwords a lot, you might have forgotten the procedure. Let's remind ourselves how it usually goes.
In some cases, you might be able to regain access to your online account by answering your secret questions, but for security reasons, fewer and fewer services are using them. Usually, resetting your password involves entering your username (which is often your email address) and clicking the Forgot password button. Then, the service provider sends you an email with a link that lets you assign a new password. Often, you are required to enter the new password twice just in case you've misspelled it the first time, and with that, you're pretty much ready to go.
It takes minutes, and there's nothing to stop the hackers from going through the same exact steps if they have access to your inbox. In that respect, your email is perhaps one of your most important online assets. Cracking it open could lead to the compromise of all your other accounts.
Your email could contain sensitive information
For years now, security experts have been saying that email is not a secure form of communication. Unfortunately, some people and services continue to use it to relay sensitive information. It's a good idea to keep your inbox clean, but, as we mentioned already, people tend not to pay too much attention to their emails nowadays, and we doubt that many regularly remove messages containing valuable data. Although it's long been condemned as bad practice, some websites continue to send passwords via email as well. It's not hard to see how this could make the crooks' job even easier.
Your email account can be used for sending spam
There are people who use email profusely. They're called spammers, and they'll likely be happy to use your email address for sending anything from Nigerian prince type of scams to malware. The people you have in your address book will probably be the first to get the unsolicited messages, and they'll likely be unwilling to speak to you after the incident. Spam can wreak all sorts of havoc, and you wouldn't want to see it coming out of your email account.
It should be pretty clear by now that getting your email account hacked could have serious consequences both for you and for your friends, colleagues, and business partners. It's important to know what to do in case it happens.
Change your password(s) and secure your accounts
The first thing you must do is get the hackers out of your account. The fact that they got in means that they probably have your password. Some of the crooks will change it as soon as they break in, but if they haven't done it yet, try to beat them to it. If they have, the email provider should give you options for regaining access to your account after you prove that you are its rightful owner. In the end, changing the compromised password should be the first thing on your mind. Unfortunately, in most cases, that's not the end of it.
Let's not beat about the bush, many of you reuse passwords. If the password protecting your email is also used to protect other accounts, make sure you change those as well. As Mark Zuckerberg can testify, password reuse is a very serious problem. Fortunately, password management tools like Cyclonis Password Manager can help you avoid it. There is one more thing that can beef up your account's defenses.
More and more online service providers now offer two-factor authentication as an additional security feature. Sadly, most people have yet to understand what it does and how to enable it. Stay ahead of the pack and be sure that you're using it wherever possible. This way, even if the crooks manage to get their hands on your password, they still won't be able to do any damage.
Clean up the mess
Now that you've regained full control of your accounts, it's time to see what sort of damage the hackers managed to wreak. Give your email a thorough going-over. Start by checking your Inbox and your Sent folder to see the messages the hackers have sent or received while you were cut out of your account.
Go through your own correspondence and see if the crooks might have stolen any sensitive information. If there is valuable data, try as best you can to protect it. You've already gone through enough trouble. You don't want any more.
Check the rest of the accounts associated with the compromised email address. See if the crooks have been sending your Facebook friends some messages, for example, and if they have, get in touch with your close ones, and warn them not to open anything.
Try to find out how it all happened
To prevent something from happening again, you need to know how it all played out in the first place. There are a number of ways to compromise an account. Did your email provider expose your login credentials or did the breach happen at another website where you used the same password? Did the hackers use malware to steal your password from your own computer? These are all questions you need to answer.
Regularly scanning for malware is something you should be doing anyway, and if you haven't adopted the habit yet, it's high time you do it. With some data breaches, vendors don't know that they've exposed sensitive data until the users start complaining. An email or two might be enough to save other people from going through the same headache.
Getting your email account hacked is not fun. In some cases, there's little you can do about it, but proper password management and general knowledge of what sort of things can happen if you do get hacked will help you limit the damage.