There are any number of signs that may give you a clue that your email has been hacked. And what do you do if it has? You may ponder that very question if you suspect that’s the case. Let’s review a few indicators of a compromised email box and what you can do about it if it happens to you.
Indicators your email has been hacked
Suspicious login attempt notifications
This might be a familiar notification for you. It will happen if you log in with a new phone or computer. Depending on whether or not your device has been registered as a trusted device, it could also happen if you are in a different location.
Tip: If you’re receiving multiple notifications about suspicious login attempts on your email account, it could be that someone is attempting to access your account or already has. It might also be a phishing scam, so DON’T CLICK on the email. Instead, log into your email account, change your password, and enable Multi-Factor Authentication (MFA), if available.
Your personal data has been changed
Have you received an email from your email provider informing you that some of the personal data in your account has been changed? This may be a sign that it’s been compromised. If you haven’t made any changes yourself, it’s worth looking to ensure no one else has either.
Tip: Log into the account separately rather than clicking on links you may receive in an email or text. The message letting you know there were changes may actually be phishing rather than a message from your provider.
Spam emails were sent from your account
If contacts in your address book inform you that they have received spam emails from you, this should be a red flag. While there are other reasons your address may appear in the spam emails (spoofing your address, for example), it is also possible that someone is using your account to send spam emails.
Tip: To find out if it’s coming from your mailbox, log in and look at the messages you sent. If there are a bunch that you didn’t send, someone has gotten into your account. If not, ask your contacts to hover over the sender’s address (or, on mobile devices, press and hold the sender with your finger). If there’s an email address other than yours, this is “spoofing.” This means that the sender has used your name, but your mailbox has not been hacked. Unfortunately, other than putting your worries at ease, there isn’t anything else you can do other than letting your email administrator know.
Your address book has been deleted
Sometimes, it’s possible that attackers are using what’s called the “grandparent scam.” This is that infamous scam where someone calls pretending to be a grandchild, niece, nephew, child, friend, etc., stating they are in need of financial help and asking the victim to send money right away. They may claim they are in jail or need it for medical treatment, among many other excuses. After performing this scam, the attackers may delete the address book/contact list.
Tip: Any sense of urgency, like “I’m in dire need to get out of jail,” “pay a bill,” or “something bad will happen,” should set off alarm bells. Contact the person they claim to be separately and confirm it. Most of the time, you’ll find out that the person is safe and just fine.
Your login failed several times
If you receive a security alert that your email account has been the target of several failed login attempts, it may be cause for alarm. If these are not you, it may mean that something is wrong.
Tip: Log into your account separately and make sure your information remains valid. Consider changing your password and enabling multifactor or two-factor authentication.
Your email password changed
If you find that you cannot access your mailbox even after entering your password several times and you have not mistyped it, then someone may have taken over your email account.
Tip: If you cannot log in and request to change your password and are unsuccessful, you will need to contact your email provider.
Yes, someone did try to get into my account. Now what?
If you notice signs of unauthorized access, it is best to take the following steps immediately:
- Change your password in the settings. Make sure you make it at least eight characters with a combination of letters, numbers, and special characters. Avoid using dictionary words, names, or personal information. Remember to also reset the password in your mobile device apps.
- Run a virus scan on all devices. It is important that you run a full virus scan, not a “quick scan.” You can find free and paid versions that are good, but you should have something installed on all devices to help catch these. If the virus scan reveals something, change the password again. Yes, it’s a little annoying, but if you don’t, the hacker will also have the password you just changed to.
- Change your security question(s): If your email has security questions attached to it, the hackers also have access to those. Therefore, you should change those.
- Notify your contacts that your email account has been hacked. Whoever got into your account had the opportunity to send infected emails to all your contacts in order to attract new victims. By letting them know immediately, they can avoid falling victim to attacks.
- Check your stored data and settings. If you can toggle spam protection, make sure it is still activated. If you had filter rules set up, check them. Also, take a look at the storage period of your email folders. They may have been changed, so you’ll need to recheck them.
Potential reasons for a hacked mailbox
Weak passwords are the most common cause of an attack. If your passwords do not meet the minimum standard, you make it relatively easy for criminals to gain control of your mailbox or other accounts.
Tip: Be sure to always use strong and unique passwords for every single online account.
Unfortunately, many people fall for phishing lures repeatedly. Often, this is a result of stolen passwords and login data resulting from successful phishing excursions or a previous data breach.
Tip: Beware of phishing lures such as blurred graphics and photos, typos, and links and attachments sent from unknown senders or that are not expected.