What to do if your email has been hacked
Losing control of your email is essentially like getting your life hacked — emails usually contain a plethora of personal conversations and sensitive details. While there are ways to reduce the risk of getting your email hacked, sometimes it's out of your control. If your email gets hacked, here are a few tips on what to do to regain control and heighten your account's security:
Attempt to regain control
According to the Federal Trade Commission, users should try to regain control of their email account. Best practice would be to use a different or safe device in case the email has been compromised from a device-related malware. Sometimes this can be relatively simple and can be taken care of in minutes.
First, try to reset your password using the pre-selected security questions. If this works, be sure to notify the email provider about the hack — the Huffington Post says that the email provider can give you more information regarding the attack. Should this fail, then contact the email provider regarding the hack and outline what has happened and what steps you have taken. If it has a number you can call, then attempt to speak to a representative. While you wait to hear back, take a few precautionary steps outlined below.
Alert those in your primary social circle
Give those who you interact with on a daily basis a heads up that your email has been hacked, advises the FTC. This ensures that they will be alert if they receive a suspicious email from your account. Once everything resumes to normal, be sure to notify them as well. If sketchy emails have already been sent out, it can help to quickly post a PSA on Facebook (or your most used social media account) to rapidly alert those in your contacts list.
Change passwords for banking and social media accounts
If your email is linked to social media accounts and your financial accounts, then it would be wise to change your passwords, CBS reports. With access to your email, a hacker can gain control of your banking and social media accounts by requesting new passwords and changing them. In addition to changing passwords, it can be beneficial to temporarily switch the primary email from the hacked account to a different email that has not been compromised.
Run an anti-virus program on your computer
In the scenario that the hack came from a virus on your computer, the Huffington Post advises running an anti-virus program on your device to make sure it is clean. As mentioned above, make any attempts to restore your email (like password changes) on a separate computer or device.
Create a random and strong password
Once you have regained control of your email, be sure to create a unique and strong password. The password should ideally be a random string of different cases, numbers, letters and symbols, reports Life Hacker. People recommends using phrases in passwords but to avoid those that pertain back to your personal life like pet names and school names.
Check and update your security questions and settings
In addition to changing your password, update your security questions to make them harder to guess and something only you can answer. After all, it is entirely possible the hacker gained control of your email in the first place by figuring out the answers to your security questions. Damon McCoy, assistant professor of computer science and engineering at New York University, told People that if the answer to a question is available online, then it may be best to skip question or answer incorrectly. "It might be a good idea to answer incorrectly or skip that question and instead answer a question that isn't online," McCoy told People.
While you're at it, check your email settings to ensure everything is in place. ABC recommends making sure your email signature does not have malicious links added and that your emails aren't being automatically forwarded to another site.
Set up two-factor authentication
If you haven't done so already, set up two-factor authentication for your email account. This will add an extra layer of security, CNN reports. Google, for example, offers 2-Step Verification where a user receives a code via text or voice call whenever they sign into their Google account using their password. Yahoo, which was victim to a massive hack, also has a two-step verification in place for its users as well.