Think your email may have been hacked? Here are the signs to look for, how account takeover attacks commonly occur, and how to recover your account and avoid falling victim again Show Email has been with us for decades. And while social media and mobile messaging apps are increasingly popular, it remains the mainstay of our personal and professional communications. There are an estimated 4.1 billion email users globally today, with 306 billion emails sent and received every day last year. We use it for everything from sending pictures and keeping up with friends, to interacting with essential healthcare, banking, government and other services. Yet email is also a honeypot for malicious activity. By hijacking our accounts, hackers can monetize attacks in a variety of ways to line their own pockets. For the victim, it can be a stressful and bewildering experience. In this article, we look at:
Why would someone want to hack my email?Cybercrime costs the world trillions annually. A great deal of this revenue comes from monetizing stolen data, which many of us don’t realize is often stored in our email accounts. We might have sent bank statements to our accountant. Rental agreements containing contact details. Or highly sensitive data to our lawyer. This information could be harvested by an attacker and used against us, to elicit more information, in phishing attacks, or leveraged directly to carry out identity fraud. Some 49 million Americans lost a total of around $56bn to identity scammers last year. Cybercriminals might also want to get your email account and log-ins in order to:
There are a few ways hackers could get your account details. They could send a phishing email directly, tricking you into believing it came from a legitimate source – potentially even your email provider – and requesting you “log in” again. Alternatively, they might also be able to:
How can I check if my account was hijacked?The first step towards recovering your account is finding out what happened. Some common signs that your email has been hacked include:
If you want to double check, try HaveIBeenPwned.com, which runs an extensive database of breached email and mobile phone accounts you can check against. Additionally, Google, for example, enables you to review your recent account activity or perform a “Security Checkup”, which includes recent activity such as new sign-ins. Other major email services provide similar options, as well as offer step-by-step guidance for recovering a compromised account (Gmail, Yahoo Mail and Outlook.com). How do I stop my email account from being hacked again?Going through the experience of having an email account hijacked reminds us all just how much we use these apps every day. The good news is there are plenty of things you can do proactively today to prevent the same thing happening again. These include:
Following a serious incident, it might also be useful to reach out to your main contacts (using blind carbon copy aka BCC), or even via social media. If you’re concerned, also inform your bank. At any rate, stay calm and learn from the experience. Can I check if my email has been hacked?How Do I Know if My Email Has Been Hacked? You can't sign into your email account. Hackers will often lock you out of your account as soon as they get access. If your normal email password isn't working, there's a good chance you've been hacked. There are strange messages in your “Sent” folder.
Is my email on the dark web?If your data is available on the dark web, one of the easiest ways to find out is to check the “Have I Been Pwned” (HIBP) website. It's a free service, and all you have to do is conduct a search using your email address or phone number.
Should I delete my email if it was hacked?Should I delete my email after it's hacked? No, don't delete your email, even after it's been hacked. This is because most email providers will recycle old and deleted email addresses. If you're concerned, stop using your email for sending or receiving messages, but don't delete it.
Can someone hack your email without a password?Your email account can act as a gateway into other accounts. The hacker can simply click “forgot password” at login and have a password reset link sent right to your email inbox, which they now control.
|