What to Do if Your Email Account Has Been Hacked
My email account has been hacked. How much trouble am I in?
Well, having your email account cracked could pose a serious problem given that your photos, contracts, invoices, tax forms, reset passwords for every other account, and sometimes even passwords or credit card PINs are all saved there. Plus: our emails are interconnected to all our other digital accounts, from bank accounts to social networks, cloud services, online shops, and so on. By simply breaching the email, a malicious hacker can easily get access to all these.
Hackers don’t just want your money. They want all the details they can possibly get, no matter if you’re the CEO of a top company, a celebrity, or just someone with “nothing valuable” on their emails. Your data can be used to make financial operations in your name. Cybercriminals can use your credit card details, open bank accounts, take out loans, or ruin your credit card’s rating – not to mention that if the hacked email account belongs to a company, we’re already talking about a data breach, which usually results in revenue loss, time loss, brand damage, and legal action.
Why Would Cybercriminals Want to Hack Your Email?
Email hacking has become a gold mine for cybercriminals constantly trying to gain access to our accounts and steal our sensitive information, given that we now link everything – from online banking and federal taxes to our confidential documents – with our emails. Here’s what they are usually looking for and why:
Contracts. Contracts almost always contain confidential information that you wouldn’t want anyone else to see – especially malicious hackers!
Personal conversations. We know you’re well aware that your email conversations don’t just consist of funny images, videos, and stories from your daily life but also discussions in which you handle important issues related to working with your partners or colleagues. That’s exactly what they’re looking for.
Photos – especially nudes. Remember the Fappening, when hundreds of nude photos, mostly with women, were leaked? Various celebrities were affected by this scandal, including Jennifer Lawrence, Kate Upton, Kirsten Dunst, and many others. The attacker used a simple phishing technique to gain access to victims’ accounts: he sent them emails that appeared to look like they came from Google or Apple, warning them that their accounts might be compromised. He asked them for their passwords and that’s how he managed to get into their emails and iCloud backups.
Invoices, scanned IDs, insurances. Invoices usually contain many sensitive details about the recipient: name, phone, addresses. All these can be used by malicious hackers for identity theft.
Passwords, credit card pins, or bank account information. If you’re storing your passwords on your email, in case your email gets hacked, so do all your other accounts. For safety reasons, you could either write them by hand and store them in a secure place, where only you have access, or you could use password management software to keep them encrypted for you. You can find more tips on how to manage your passwords here.
“Reset your password” emails. This type of stored email is another treasure that cybercriminals can find in a hacked email account. They’ll be able to see what other accounts you have, reset your passwords, and take over those as well. You could make their job harder by deleting all the emails you get from those accounts.
Travel itinerary and calendar. These are gold for thieves or scammers. Just think about it: they know precisely when you’re gonna leave home, when you will be on a plane (and most likely without network coverage) when you’ll be in a meeting, and when you’ll return back home – you could even end up with your house broken into.
Tax forms. Tax forms contain a crazy amount of information about us, that can be used by identity theft criminals. If you emailed them in the past, search for them and delete them.
Order confirmations from online shops. Such emails contain all the order details, from what you bought, to the delivery address, date, phone number, and method of payment. From here, a cyber crook can also access your online shop profile and see your saved credit card details. Remember to delete all transactional emails after you received the orders. Also, do not save your credit card details on any shopping website. Instead, fill them in every time you want to buy something.
Your contacts. It’s not only your contact information that would be compromised in case of a hacked email account but also all of your contacts. They are also valuable to cyber attackers, as they can use them for identity theft as well or sell them on the dark web to spammers.
How to Know if Your Email Account Has Been Hacked
You have probably understood by now how valuable your email accounts could be for a malicious actor. If you’re wondering how could you tell that your account has been compromised, have a look at the tell-tale signs below:
- You’re told that your password is incorrect
- You notice strange emails in the Sent folder
- You receive unexpected password reset emails
- You notice unusual IP addresses, devices, or browsers
What Should Users Do if Their Email Account Is Cracked?
Because of the widespread usage of email and its ongoing development, cybercriminals will continue to be more and more tempted to target email users’ accounts. Here’s what you should do if your email account has been compromised.
Change your password
If you suspect someone is tampering with your account, the first security step is to change the password. If that is not possible, try the recovery process. If that fails too, don’t hesitate to contact your email provider’s customer service as soon as possible.
Add two-factor authentication
This is the second most important step you should take. Activate two-factor authentication (also called multiple-factor verification) everywhere you can. Almost all major companies offer this option and some even impose it by default. From bank accounts to email providers, big social networks, cloud services, and so on, you should keep it enabled everywhere it’s available. It works as an extra protection layer, besides passwords. The second factor usually consists of a unique passcode that’s time-sensitive and you can only receive it through your mobile phone or some other physical object that you have. You can see how this can be an impediment for malicious hackers, lowering their chances of success. Even if they somehow manage to find out your passwords, they’ll only be able to access your account if they also get past this second security layer.
Double-check account recovery information
If you manage to regain access to your account, don’t relax just yet – check all your account recovery information. If you don’t recognize the phone numbers and email addresses listed there, change them immediately.
Check account forwarding and auto-replies
Cybercriminals might use auto-forwarding to get copies of the emails you receive and auto-replies to automatically send spam to your contacts. Make sure you check these sections after you get access to your account again.
Verify if other accounts were affected
We use emails to secure other accounts, so you have to make sure that nothing else was compromised. Make sure you can log in and consider changing the other accounts’ passwords anyway. If you can’t access the accounts you use the hacked email account for, try to reset their passwords immediately or contact customer service.
Alert friends and family
If you think your email account has been hacked, it is recommended to alert your friends and family that they might receive spam emails or that someone might try to steal information from them too. Advice your contacts to be on the lookout for suspicious emails or even phone calls and give them a safe email address where they can reach you.
Clean up your device
After recovering your hacked email account, make sure that you run an antivirus scan to check for any type of malware. Make sure that your browsers and applications are up to date and, if you do not have backups already, now would be the perfect moment to start compiling them.
But What if a Business Email Account Gets Hacked?
A Business Email Compromise (BEC) is also called a Man-in-the-middle attack and it can have much more unpleasant consequences than the hacking of a personal email account. If you notice something unusual with your business email account, try taking the following steps to avoid spreading phishing schemes or even malware to other employees of the company:
Secure your accounts
As in the case of a personal cracked email account, it’s important to check all other accounts and information linked to the compromised one and cut off access to them. Notify the bank or other financial institutions you work with about the breach and check the settings of the company’s social media accounts. Don’t forget to make sure that your email account has strong security questions and two-factor authentication.
Notify necessary parties
If your business email account gets hacked, it’s important to notify your business associates that might work with sensitive information. If the email is linked to a subscriber list, consider writing a social media post and a paragraph on your website to explain the situation to your followers and apologize.
Contact Customer Service
If you cannot recover your account by hitting the “forgot password” button, you might have to talk to your company’s IT department. Another option to get control over your email account is to contact the Customer Service of your email provider.
Clean up your system and email
After regaining your email account, it is recommended to check your system for any suspicious software or files that might have led to the attack in the first place. If you have been the victim of a phishing attack, you might have malware in your system, so you might even need to restore the computer or reinstall the OS.
How to Prevent Your Email from Being Hacked
Set strong and unique passwords
This should be the first and foremost step taken. The two main characteristics of a good password are its strength and uniqueness. A strong password should be long enough (go for at least 14 characters), including upper and lower cases, numbers, and symbols. Don’t use your name or nickname, your birth date or birthplace, nor the birth date, birthplace, or name of any of your family members or friends (pets included as well). Also, stay away from any variation of the word “password” or common passwords such as “qwerty”, “0000”, “1111”, “12345”. Here’s a longer list of bad passwords. “Unique” means that you shouldn’t reuse your passwords on any other accounts. Don’t set the same password for Facebook, Twitter, email, cloud storage, and so on. Otherwise, in case one of those services gets hacked, all the rest of your accounts will be vulnerable. If you can’t keep track of all your passwords by memory, you can make your life easier by using password management software. It will keep all your passwords encrypted and warn you if you try to set a password that’s neither strong nor unique. This way you’ll only have to remember the master password, the one that you use for the software.
Activate two-factor authentication
As we’ve previously mentioned, two-factor authentication is one of the most effective security measures. It is secure and it will not take a lot of time to get through it – you won’t need to authenticate yourself every time you open your browser or mobile app and want to check your account. You can save the devices and browsers you use most often, and you’ll only be prompted to insert the second-authentication factor if you want to log in from a new device.
Set a lock code to your devices
It is a bit surprising how many people leave their devices unprotected by not setting an automated lock. We can’t always guard our laptop, mobile phone, or tablet and make sure that nobody else accesses them. A lock code is one of the easiest ways to keep intruders away.
Learn how to detect and prevent phishing attacks
Phishing isn’t a new technique, but it’s still an efficient one. Cybercriminals can use phishing attacks to withdraw money, steal your identity, open credit card accounts in your name, and further trade all that information about you, so be careful with what emails and attachments you open or what links you click on.
Declutter & Backup
Stop keeping things that you don’t need anymore in your inbox. Delete all useless emails and backup everything else, every important email or attachment. Encrypt them and store them in a safe place (it can be cloud storage or a separate hard disk).
How Can Heimdal Help?
Heimdal Security has developed two email security software aimed against both simple and sophisticated email threats (Heimdal Email Security, which detects and blocks malware, spam emails, malicious URLs, and phishing attacks and Heimdal Email Fraud Prevention, a revolutionary email protection system against employee impersonation, fraud attempts – and BEC, in general.
For example, you may want to consider Heimdal Security’s Heimdal Email Fraud Prevention, the ultimate email protection against financial email fraud, C-level executive impersonation, phishing, insider threat attacks, and complex email malware. How does it work? By using over 125 vectors of analysis and being fully supported by threat intelligence, it detects phraseology changes, performs IBAN/Account number scanning, identifies modified attachments, malicious links, and Man-in-the-Email attacks. Furthermore, it integrates with O365 and any mail filtering solutions and includes live monitoring and alerting 24/7 by our specialists.
Heimdal® Email Security
- Completely secure your infrastructure against email-delivered threats;
- Deep content scanning for malicious attachments and links;
- Block Phishing and man-in-the-email attacks;
- Complete email-based reporting for compliance & auditing requirements;
Conclusion
Email accounts are important because nowadays everyone who’s on the Internet has at least one. Their cybersecurity is important because any detail about the owner, no matter how insignificant it may seem, has great value for a malicious actor and can be used for ill purposes. Whatever method you choose for protecting your email accounts, please remember that Heimdal Security always has your back and that our team is here to help you protect your home and your company, and to create a cybersecurity culture for the benefit of anyone who wants to learn more about it.
Drop a line below if you have any comments, questions, or suggestions – we are all ears and can’t wait to hear your opinion!
And follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Lat updated by Antonia Din.
Nice Post a life saver for me.
For a long time now l’ve been trading crypto and making more wealth from NFT which is something I cannot just stop doing. It takes patience and a lot more calculations to be able to make profit but the gains put me on the edge. If need be to engage with a trustworthy and diligent trading expert or recovery of lost digital assets such as NFT and other crypto, I can recommend the services of Cryptomaster331 (at) g m ai I to help invest or recover your coins successfully. I came across this expert through a very close friend of mine that got their services in recovering her lost bitcoins. Get informed and do the needful to keep your business afloat.
Hello everyone
All the information provided here is very helpful. Keep posting and keep sharing.
Thank you very much, we’ll do!
Oh my goodness! a great write-up dude. Thanks Even so I am experiencing trouble with ur rss . Don’t know why Not able to register for it. Is there everyone acquiring identical rss dilemma? Anybody who knows kindly respond. Thnkx
Thank you for your appreciation, Latonia! We’ll check.
Our RSS feed seems to be working correctly, Latonia. Could you give us some more details about the problem, please?
Details are in this post is excellent and very interesting and I would like to share this post with my all friends.
Thank you! A share would be nice, go ahead!
How to delete cash app account The Cash App is a useful app for transferring money easily to friends, family, or other contacts with just the use of your phone, very similar to Venmo. However, since it’s linked to your bank account, if you want to delete it – whether because you found a similar app that you like better, or because you simply don’t use it anymore.
superb..
Thank you!
thanx for sharing
Glad you appreciate the post!
backstage
Glad to come across this website. You have shared a very useful article on email security. I will recommend this website to my friends.
Thank you, James!
plz help my fb accunt forgoton but not my number code send
Help me please,to get my generator code
Some one havk my fb am not about to get n it they change my email i have email fb from othet pages. Any they have not respond to me at all what do i do
Plss help me to get my generator code
what is amazon aws used for
I got the same problem, somebody stole my email data from my Cpanel. Now he is misusing my emails. I am much worried about it.
Hacked my gmail.
I’ll take note of your internet site as well as inspect once again here consistently.
thank you, Yadira!
WOW…Thanks so much for this info! Getting hacked is a very scary thing…believe me, I’ve been there
I just recently lost my job because my employer found incriminating evidence in my personal google/gmail/skype account, and used it against me to sign a “forced” voluntary resignation without pay or benefit. Almost two weeks after I left the company, I again noticed someone hacking into my google and skype accounts! They changed my passwords, security questions, changed recovery emails and deleted my mobile device connected to my account. I am now not able to access my skype account as it was deleted by them. We started tracing and gaining info and evidence of all the security activities and users/devices that accessed our accounts without authorization. Through tracing their IP, we gathered alot of evidence that it was infact my previous employer that hacked my google account. My country does not have any laws/act that protects us from cyber criminals, but i want to try and sue them for invasion of privacy. This article just highlights how much more they could have done on my account just through gaining access to my information
regards
Holgar
Some guy hacked my Email so I tracked down their IP
Good article bro, I’m so happy I found blog like yours. Really appreciate work you do for us, already applied sugesstion on my site.
Thank you, Delmer! Glad to hear that!
Usually, I do not post comments on blogs, but I would like to say that this blog really forced me to do so! Thanks for a really nice read.
Thank you, Bailey!
nice post maybe they want to access our bank details?
great post keep it up.
Thanks, Sonia!
nice post
Thank you so much for this wonderful Post.This is an awesome post thank you for sharing this interesting post,
This is a really helpful post, very informative there is no doubt about it. Thanks for sharing this information with us. I really appreciate your work.
Thanks for providing the information with this post. The post is very nice! By the way, I want to share with you information about the best.
This is a great inspiring article. I am pretty much pleased with your good work. You put very helpful information.
I’m impressed with the info you provide in your articles. I must say am highly overwhelmed by your whole story. It’s not easy to get such quality information online nowadays. I look forward to staying here for a long time. Best Regards
I like Your Site
Thanks for sharing your thoughts and ideas on this one. Please keep posting about such articles as they really spread useful information. Thanks for this particular sharing. I hope it stays updated, take care.
grateful for your blog post. You will find a lot of approaches after visiting
your post. Great work.
This is a good,common sense article.Very helpful to one who is just finding the resouces about this part.It will certainly help educate me.
I’m glad to hear it helps. Stay safe!
This Article is Really Fantastic And Thanks For Sharing The Valuable Post.
Lots of good stuff here. Hackers are everywhere and relentless. They will never go away we’ll have to continue upgrading our security defenses.
Thanks for sharing this post here.
Thanks for sharing this fantastic blog, really very informative. Your writing skill is very good, you must keep writing this type of blogs.
Very helpful blog. I
thanks for sharing this information
nice
i understad , wat can i do to recover my account , normanlewis73@gmai.com
I think – Cyber Security will be the power asset of the future. Because everything can be destroyed by hacking.
wonderful post.
Great post..!! thanks for sharing with us..!! This article really helpful for non-tech users..! Regards & Thanks
Nice information, its very useful for us, thanks for sharing.
I want to get security, which one is better.
Now a days security is important for us.
Thank you for sharing such a great article. Keep sharing. It will help lot of peoples.
Nice Post
Brilliant post.
Security is necessary for all sector.
Without security we can’t secure our important document, so please activate the security to save our important data.
Hi.
I want to tell you that I’m visiting your site for a long time and yoou post
good info. I shared your latest article on twitter and got a
lot of good feedbacks.
Keep up the great work!
Aw, this was an exceptionally good post. Spending some time and actual effort to make a good article… but what can I say… I put things off a whole lot and never seem to get nearly anything done.
Nice post.
great article.. thank you for sharing such a informative post..
superb post.. thanks for sharing..
nice post.. thanks for sharing..
This article is very useful and informative. that great article
This article is very useful and informative. that great article
This article is very useful and informative. that great article
This article is very useful and informative. that great article
Great blog, its very useful information for us, thanks for sharing.
Great post, informative blog. You cover a good topic of this era.
I think This would be the best as i found the topic, What is the basic tick tacks for which we are going to hire new things I like that way that you are sharing…..
thanks for sharing this psot
thanks for sharing this psot
What A Great Informative Post. Thank you for sharing this with us. Keep posting And Helping Us.
What A Great Informative Post. Thank you for sharing this with us. Keep posting And Helping Us.
Thanks For Sharing, Nice Article Keep Sharing Check Out Our Website for Pogo games related problems
Nice and helpful information shared by this article with us and I hope that we will also get more new information regarding this post as soon as. This information is valuable for most of the users.
Nice and helpful information shared by this article with us and I hope that we will also get more new information regarding this post as soon as. This information is valuable for most of the users.
Great Post! Thanks For Sharing, Nice Article Keep Sharing Check Out Our Website for Pogo games related problems
I enjoy this website – its so useful and helpful.
Thank you for sharing with us, its really nice post, you can also visit below link and take benefits of our services
Nice Post!! Hey Guys, Are you facing problems in Microsoft Software or getting invalid key error while Using Microsoft? Take help of Microsoft Support Number. At here, we provide you online technical help for your Microsoft Software.so call toll free and get quick help.
Wow! Great information, its really useful post for me, thanks for sharing.
Amazing information, such a great post and I love it.
Great Post! I really love how it is easy on my eyes and the information are well written
Your blog is meaningful, I have read many other blogs, but your blog has hit me, I hope you will have more great blogs to share with readers.
Informative Blog!!
hello!,I really like your writing very a lot! share we keep in tohch more about your post on AOL?
I need an expert on this house to resolve my problem.
Maybe that is you! Looking ahead to look you.
sharing very useful post! thanks for this.
such a useful info!
Thanks for sharing this article about cyber email hacking , really helpful
Thanks for sharing such informative article
Thanks for sharing this information………keep posting
Great article…..good work…keep posting
Great Blog! Cyber Security is one of the topmost aspects in the digital world. Once your email gets hacked you lost your identity.
PhoneSupport Hub A Reliable and Leading IT Compnay provide support for small business and home users for any kind of computer network problem.
Very helpful blog. I find it very informative. Thanks for sharing
Great information. Lucky me I came across your blog by chance (StumbleUpon). I have saved it or later!
Wow! its really amazing information for me, thanks for sharing great post.
Without security we can’t secure our important document, so please activate the security to save our important data
Hacking is a bad process, we should protect our computer system.
Nice Blog, I really appreciated with you my friend keep posting I would like to see more blog. Have you any technical errors regarding emails problems and you need some help then contact to our experts technicians who available all time for help email users.
The security should be the main priority for everyone. We should keep the password so strong in which we can use alphanumeric characters and special characters also to sign up the email. We should not share the email id on the spammy websites.
Nice and helpful information shared by this article with us and I hope that we will also get more new information regarding this post as soon as. This information is valuable for most of the users.
Set the strongest password possible. Celebrities like Mark Zuckerberg, Katy Perry and Drake, along with scores of everyday folks, were hacked because they used weak passwords. You’d be surprised at how many folks use the same password for every account, despite repeated warnings. The biggest no-no is using the same password for multiple sites because if one site is hacked and your password is exposed for that site, your other accounts will then be vulnerable. Obviously, it’s hard to remember a bunch of strong (which means long and complex) and unique passwords.
Security is a need now a days. to secure your computer device is important for us.
Very helpful blog. I find it very informative. Thanks for sharing with us.
Great Post. Thanks for sharing very useful blog. All information is very helpful for us.
Thank you for sharing such a great article. Keep sharing. It will help lot of peoples.
There are certain things which are making the cybercriminals to hacked the emails inbox just because there is the personal conversation which is having it and the password which is the condition as many other things which will be risky to have it so for that it should be very attentive to save it.
There are some things that are making cybercriminals to hack email inbox because they have private conversations and passwords which are the status of many other things, which will be risky, for which it should be very careful to protect it.
There are certain things which are making the cybercriminals to hacked the emails inbox just because there is the personal conversation which is having it and the password which is the condition as many other things which will be risky to have it so for that it should be very attentive to save it.
I’m afraid this article has the same flaw as almost every other article on email security. It focuses on protecting the inbox, but fails to advise people that send email is completely unprotected when it leaves your computer.
This gives people a false sense of security. E.g. “I have two-factor authentication now, so it’s fine to send this spreadsheet attachment to by tax representative”.
The article would benefit from reminding people that sent email is completely unsecure unless it’s encrypted.
Hi Eddie, thank you for the feedback. Indeed, the article focuses on securing your email account, not necessarily protecting outbound communication. If you use encrypted solutions, we hope you checked out the recently disclosed PGP vulnerabilities 🙂
Thanks again for the input, have a great day!
Great article Cristina. Thank you for sharing the valuable information
heimdal security good post 🙂
This is a fact that we keep so valuable information in our inbox and thats why hackers want to hack it
but no has been able to hack gmail inbox except hamza
you can about hamza here btw
http://gadgetteacher.com/hamza-bendelladj-robin-hood/
so even when hackers want to hack, they cant hack google gmail for sure
hence we are safe
angad,
Hacking isn’t always exploiting flaws in code or finding back doors. Everyone is one click from being scammed, phished, or conned to reset/confirm our password. Then you are hacked!
“I don’t care about getting hacked, there’s nothing valuable in my email”
– I’m going to put this mantra of the unaware on my shop window.
I would query “If you have accounts on online shopping websites such as Amazon, try not to save your credit card details on them. Instead, fill them in every time you want to buy something.” – Surely this only applies if your email account has already been hacked? Gmail 2-factor authentication should prevent this occurring? Probably open to debate?
Thank you for your feedback, Andy!
While the second part of the article is up for debate, we’d still recommend yo don’t save your card details, because breaches can happen irrespective of personal efforts to keep data safe. And Amazon accounts are a favorite target for cyber criminals precisely because of the card details they include. Of course, it’s up to each and every one of us to choose the level of protection we want to adhere to.
Getting hacked is scary but it’s real. It can do a lot of damage to you especially if you work online. I am glad I am actually using the two-factor authentication with my email for quite some time now. It’s a bit tedious but it’s all worth it. Need to take some time to delete personal info in my inbox though as what the article suggested. Great read, very informative!