Which makes it a great port of entry for hackers.
Most of us have gotten an email from a friend or colleague that just doesn’t sound . . . right. Maybe they’re asking for money. Maybe they’re claiming to be on an overseas trip. Maybe they misspelled a few words.
And some of us have been hacked ourselves. Have you ever had friends reach out in response to an email you don’t recall sending? Do you notice that your “Sent Messages” folder has been emptied, and you didn’t do it? Are you suddenly having trouble logging on to your online accounts? These are all signs you might have been hacked, and the trick to limiting the damage lies in speed and thoroughness.
Here are some tips on how to protect your email accounts.
- Beware of phishing emails. These are emails sent specifically to trick you into clicking a link or sending money to a bogus operation. Look for misspelled words, threatening language, lack of contact information, and strange domain names. Delete these emails immediately.
- Don’t share your account access information with others, and make sure your passwords are complicated and hard to guess.
- When you are checking your email at a public computer, remember to log out of your email and close the browser window completely.
- Don’t send personal and financial information via email. Banks and online stores provide a secure section on their website where you can input your personal and financial information.
What to do if you’ve been hacked:
- Update your system and delete any malware. The first thing you should do if your account gets hacked is to run an end-to-end antivirus scan. This means skipping the “quick scan” setting in favor of a deep scan to identify and eliminate not only all forms of malware (including Trojans and spyware to keyloggers that could be tracking your keystrokes even after the hack has been identified) and potentially unwanted applications. It’s important to make sure you’re clean before you change any of your other sensitive information to avoid restarting the cycle. Also, set your security software, internet browser, and operating system to update automatically.
- Change your passwords. Once your computer is free of malware, it’s time to change your password. If you’ve lost access to your account, you may need to contact the email provider directly, prove who you are, and ask for a password reset. Choose a new password that is very different from your old one and make sure it doesn’t contain strings of repeated characters or numbers. Your password should be unique for each account, complex (i.e., a mix of letters, numbers and special characters) and at least 15 characters long.
- Contact other online services. It’s critical to change your passwords with other payment-based accounts such as Amazon, Netflix, LinkedIn, credit card companies, etc. Make sure you use different passwords for every online account.
- Change your security questions. While your password was the most likely attack route, it’s also possible that hackers broke into your account after answering your security questions. Many users choose the same answer to common security questions, so change yours to something unusual.
- Report the hack. If you haven’t already, contact your email provider and report the hack. This is important even if your hacked email didn’t cause you to lose access since it helps providers track scam-based behavior. In addition, your email provider may be able to offer details about the origin or nature of the attack.