Do you think your email may have been hacked? It seems like not a day goes by where I don’t get a question from someone that boils down to their email account having been hacked. Someone, somewhere, has gained access to their account and is using it to send spam, access other online accounts, hassle contacts, and more. Here are some tips you can try to recover your email account.
Paid email accounts are usually easier to recover. I suggest if you are using an email for your business and you have important email information then you should be using a “PAID” email account. In today’s day where sometimes hackers change passwords, sometimes not. Sometimes traces are left, sometimes not. Sometimes everything in the account is erased — including contacts and saved email — and sometimes not. What’s important? A few extra bucks a month or losing business information?
1. Let’s try to recover your account.
Log in to your email account via your provider’s website. Meaning, don’t use the email client program such as Outlook. Go directly to a browser and log into your email.
If you can log in successfully, consider yourself very lucky!
If you can’t log in, even though you’re sure you’re using the right password, then the hacker has probably changed your password. The password you know and love is no longer the correct password.
You must then use the “I forgot my password” or other account recovery options offered by the service.
You will receive "Password Reset” instructions to an alternate email address which I hope you had set up already or maybe a text message to a mobile phone number you set up previously. If you didn't set up these options or if the recovery methods don’t work then you no longer have access, you will have to use the customer service phone numbers or email addresses provided by that email service. For free email accounts, there usually is no customer service. Your options are generally limited to self-service recovery forms, knowledgebase articles, and official discussion forums where service representatives may (or may not) participate. For paid accounts, there are typically additional customer service options that are more likely to be able to help.
Important: If you cannot recover access to your account, it is now someone else’s account. Let me type this again. If you cannot recover access to your account, it is now someone else's account. It is now the hacker’s account. Unless you’ve backed up, everything in it is gone forever. FOREVER! You’ll need to set up a new account from scratch and start over.
2. Try to change your password.
As always, make sure it’s a good password: easy to remember, difficult to guess, and long. In fact, the longer the better, but make sure your new password using a combination of numbers, special characters, uppercase and lowercase letters — ideally 12 or more. I know this is hard but you have to do it!
You’re not done yet! Changing your password is not enough. Let’s change or confirm your recovery information. While a hacker has access to your account, they might leave your password alone, so you won’t notice the hack for a while longer. It’s important not only to change your password if you think you’ve been hacked but to change all of the recovery information as well. As a matter of fact, you should schedule to do this every 90 days.
The reason is simple: Smart hackers change recovery information too! So, if you do change your password, the hacker can follow the “I forgot my password” steps and they can reset the password out from underneath you, using the recovery information they set. Sneaky Hacker!
Thus, you need to check all of it and change much of it … right away.
- -Change the answers to your secret questions. They don’t have to match the questions (you might say your mother’s maiden name is “Microsoft”); all that matters are that the answers you give during a future account recovery match the answers you set today.
- -Check the alternate email address(es) associated with your account and remove any you don’t recognize. The hacker could have added their own email addresses. Make sure you have alternate email addresses configured, and that they are accounts that belong to you and that you have access to.
- -Check any phone numbers associated with the account. The hacker could have set their own. Remove any you don’t recognize. Make sure that if you do provide a phone number, it’s yours and no one else’s, and you have access to it.
Overlooking information used for account recovery allows the hacker to easily hack back in. So, make sure you take the time to carefully check and reset all as appropriate. Don’t stop here, let’s check “out of office” messages, reply-to, forwards, and signatures.
If your email service provides an out-of-office or vacation-autoresponder feature, or some kind of automatic signature that appears at the bottom of every email you send, it’s possible people already know you’re hacked. Hackers often set an auto-responder in a hacked account to automatically reply with their spam. Each time someone emails you, they get this fake message in return, often written so it sounds like you sent it.
If your account includes the ability to set a different “Reply-To:” email address, make sure that hasn’t been set. Hackers can set this so that individuals who think they’re replying to you end up replying to the hacker instead. Make sure your email is NOT being automatically forwarded to another email address. Hackers often set this option when it’s available and receive copies of every email you get. They can use this to break into your account again, even after you recover it.
Check any signature or automated response features. Hackers often set up a signature so that every email you send includes whatever it is they’re promoting — often a link to a malicious web site.
3. Check related accounts.
The hacker can now gain access to any account associated with the hacked email account. Like your bank, PayPal, and social media sites. While the hacker has access to your account, they have access to a lot of information including past and current emails as well as what arrives in the future. Take a moment to think about that... they can see any online account that you have associated with the email account. That can be banks, doctor offices, credit cards, mortgages, loans, and so much more.
Let me say this in a different way for you to understand: because the hacker has access to your email account, the hacker can request a password reset be sent to it from any other account for which you use this email address. In doing so, the hacker can hack and gain access to those accounts.
As a precaution, or any doubts that other accounts could have been hacked as well, consider proactively changing the passwords on all those accounts. WOW, that can be a lot of work, better get started.
Should you let your contacts know? Absolutely. This can be very dramatic for some people, so my suggestion is to let anyone know that you have taken care of the problem if someone mentions that they got a suspicious email or social media post from you. A common reaction to my recommendation that you let your contacts know is: “But my contacts are gone! The hacker erased them all, and all of my email as well!”
NO WAY... this can happen and it does!
It’s often part of a hacker not wanting to leave a trail; they delete everything they’ve done, along with everything you have. Or had.
4. Start backing up your email now. Start backing up your contacts now.
If you’re like most people, you’ve not been backing up your online email. Try to contact your email service provider and ask if they will restore it for you. In most cases, they will not. Because the deletion was not their doing, but rather the doing of someone logged into the account, they may claim it’s your responsibility and they are absolutely right.
At navitend, we have special backup utilities for our clients’ email, don't let this frustration happen to you. Give us a call today to see if we can help.
Feel free to contact Patrice if you would like more information and visit the navitend blog site for more security tips
Contact us at 973.448.0070