Find out what I'm doing, Follow Me :)

Monday, April 11, 2011

What To Do When Your Email Account is Hacked or Compromised : Tips

These days the number of spams we receive in our emails have increased than ever before and also the number of people are increasing rapidly who report that their email accounts have been hacked. Signs of your email account been hacked can be, your friends receiving messages you did not send, mail is marked read that you never saw, settings being changed, or anything else out of the ordinary. In any case, the question is the same: “What to do if this happens to me?”

While many Borntohack readers may be knowing the steps to follow, but having a handy guide is a useful thing and as many readers are resources for friends, family, and coworkers so they can recommend this guide to them. These steps can serve as a checklist to ensure thoroughness.

This is a guide on how to reasonably secure your e-mail account. What to do if you lose access to your account is a different problem for another article. This article assumes you still have access, but strange things (as mentioned above) are going on. It will cover the three most commonly used e-mail account types: Gmail, Hotmail, and Yahoo Mail. While changing the settings is pretty easy, finding them can be less than obvious.

Here are some screenshots to help you find the general settings page for your account.


Step 1 : Change Your Password

You need to do this immediately. This is akin to changing the locks on your doors. When you do not know exactly who has a key to your home, the locks are a liability. Count yourself lucky that you can get into your account. To change your password, log-in and go to Settings. Then follow the steps appropriate to your account.
  • In Gmail: Mail Settings > Accounts and Imports > Change Password
  • In Hotmail: More Options > Account Details (look for “Change” next to password)
  • In Yahoo Mail: Mail Options > Account Information > Change your password

Step 2 : Check Your Recovery E-mail Address

Your recovery e-mail address is the one that you use to reset/regain your password. However, if it was changed, it can be used to get the password to your account. Take a look to see if it is set to another account you own. If not, change it immediately. You also may want to follow these steps on that account.
  • In Gmail: Mail Settings > Accounts and Imports > Change Password Recovery Options
  • In Hotmail: More Options > Account Details (look for “Remove” next to an odd e-mail)
  • In Yahoo Mail: Mail Options > Account Information > Update password-reset info

Step 3 : Change Your Hints

Most people forget about this, but it is a good idea to
change your hints. If the hacker knows the answer, they may be able to regain access. This usually requires the recovery e-mail address to be altered, but it is still better to change your hints. Since hints are usually used to reset passwords, they can be used to change your password.
  • In Gmail: Mail Settings > Accounts and Imports > Change Password Recover Options
  • In Hotmail: More Options > Account Details (look for remove next to a question)
  • In Yahoo Mail: Mail Options > Account Information > Update password-reset info

Step 4 : Check Your Forwards

Checking your forwards is going to be a tedious process, but it is important. If you only have time to skim them over, then do so but make a thorough look your next priority. Your bank account may depend on it. Your e-mail account can be set up to send letters to other e-mail accounts. Most websites are set up to send new passwords to your e-mail address. That means that an unscrupulous person could ask the site for your password, set up your account to forward it to an account they have access to, and the get into the site. That could be a bank site, a blog, FaceBook, or anything else.
  • In Gmail: Mail Settings > Forwarding and POP/IMAP
  • In Hotmail: More Options > Email forwarding
  • In Yahoo Mail: Mail Options > POP & Forwarding (note: a premium service)

Step 5 : Change All Your Passwords on Connected Accounts

Sadly, you have to assume that your forwards are compromised. You are going to have to go through each site you used your e-mail account to sign up with and change the password and hint. You might even want to associate them with a separate account to isolate critical e-mails. Alternatively, you could just change your password and hint on sensitive sites. Your bank and any financial websites should be first. Social networking site like FaceBook and Twitter should be next.

Keep in Mind

You should always use a strong password for your accounts: one with uppercase, lowercase, numeric, and symbol characters. Ideally, you should have a different one for each account. At the very least your e-mail, financial, and social networking sites should have separate passwords. Security is not about absolutes, but about making it difficult for others to gain access to you account.

You can also set up your account to use your phone for e-mail recovery. As I have not used it, it is beyond the scope of this article, but is worth considering.

1 comment:

  1. Some body hacks my yahoo account and i have no longer access to this . The hacker also change my security question and other information
    is there any way to get it back?