Steps to Take When Your E-mail is Hacked: A Checklist

Have you ever received a suspicious e-mail from someone you know? If so, there is a good chance their e-mail account was compromised. While you may think you are protected, this can happen to even the most cautious among us. If you end up the victim of e-mail hacking, there are actions you can take to ensure that your account is protected in the future. It is important to secure your account as soon as possible. So, before making any embarrassing phone calls to friends and family in an attempt to explain that you did not send those “natural male enhancement” e-mails, follow these important steps.

1. Create a new Password

If your house had been broken into, wouldn’t you immediately change your locks? Upon discovering that your e-mail account has been hacked, changing your password should be the very first thing you do. Depending on your e-mail provider, you can usually change your password by accessing your e-mail settings, selecting mail options and then choosing account details.

When coming up with a new password, make sure it is a strong password that’s unrelated to anything you’ve previously used. Most computer experts will tell you that a strong password is one that has at least eight characters and contains a mixture of lower- and upper-case letters and numbers.

2. Check Your E-mail Settings

Hackers often change the settings on your e-mail account so that a copy of each e-mail you receive is forwarded to them as well. This allows them to track future e-mails, hoping for one that contains login info for other websites. Make sure that no unfamiliar e-mail addresses have been added to your account, especially to your mail-forwarding settings. It’s also important to check your e-mail signature to ensure that the hacker didn’t include any spam.

3. Check Your Back-up E-mail Address

Back-up, or recovery, e-mail addresses are those used when it is necessary to reset or recover a password. If you only have one e-mail account, you should open a second – preferably using the same host – for this purpose. Unfortunately, the hacker may have changed the settings or password for your recovery account as well. Even if the hacker didn’t access this account, it’s still wise to change your password, just in case.

4. Change Your Password Hints

This step is one that people may forget. Hints are often used to provide you with clues in case you’ve forgotten your password or it needs to be reset. If the hacker somehow found the answers to your hints, there is a chance they can still access your account. While this is unlikely, it should not be ruled out. You can typically change your password recovery information by accessing your mail settings/options, selecting your account details and then changing your password recovery settings.

5. Make Sure Nothing Else Was Hacked

This may be basic information for those who went to security professional colleges, but the rest of us tend to be lazy about storing passwords and login information for other sites carefully. Often, if you’ve forgotten your login for a particular site, you can request that your user name and password be sent to your e-mail address. Search through previous e-mails for any such information, as these sites could also have been compromised. Change the login information for these sites immediately. If your credit card and bank account are among the sites possibly compromised, be sure to check future statements for any unauthorized transactions.

6. Create a new Password for any Connected Accounts

Assuming the worst is usually a good idea in situations like this. In this case, you should assume that any sites where you used your e-mail address to register have been compromised as well. This means that you need to visit each of these sites in order to change both your login password and hint. Another option is to create a new e-mail account that you use only for important sites. You should also change the password and hint for your banking website and for any social networking sites to which you belong.

7. Run a Malware Scan

If you don’t already have a malware program on your computer, now is the time to download one. Malwarebytes is an excellent and free malware program you should consider using. Even if you already have a malware program, it’s a good idea to install another. Quite often, one malware program will pick up problems that another may have missed.

Run a full malware scan on your computer and fix any problems it finds. If the scan detects anything, you should return to step one. If malware was present on your computer when you first changed your password, changing it a second time after the threat has been removed should ensure your account’s safety.

8. Don’t Let it Happen Again

While it’s easier to remember a short, quick password, this is also what makes it easy for hackers to hijack your account. You should consider creating unique passwords for every site to which you belong. If this is too much trouble, at least create unique passwords for both your e-mail and bank accounts. Equally important is to make sure you choose strong passwords.

Remember to take extra care on public computers. Do not access confidential information on a public machine. These computers make it easy for hackers to steal your information through key-logging software.