What is an e-mail attack and why is it significant?

Your e-mail is the gateway to many password change mechanisms. If your e-mail is compromised then every website or service you have authenticated access to via your e-mail is vulnerable though ‘forgotten password’ recovery mechanisms, unless you use two factor authentication and your mobile is still secure. This is a hacker technique called daisy-chaining; access to your e-mail allows daisy-chained access to any associated account.

If your e-mail account has been compromised you might be unable to log into your e-mail on your device or access your webmail with your username and password.

There are several types of e-mail hack:

• Spambot – an automated system which takes control and use your e-mail account to send spam. Whilst annoying, it will not be clever enough to change your account settings so that you are locked out.
• Phishing – a simple way to fool someone to give you log in details.
• Keystroke capturing – implementing malicious software which will log all key strokes on your keyboard.
• Password guessing – knowing details around your victim, or forcing passwords that are easy to guess and allowing the attacker to gain access to your online accounts.

First steps

1. Change your password on your e-mail account if a spambot has taken control and is sending spam from your account.
2. If you are unable to do this, there is chance that a real person has taken control of your account, they may have changed your password, you can reset this by going to your sites log-in area and the ‘forgot your password link’ and can have the new password sent to a different e-mail account if you have set one up previously.
3. It is possible that the hacker has changed your security questions and recovery e-mail and can get back in when ever they want to. You will need to log an incident with your account provider.

Who to contact

• Action Fraud
• Your account service provider’s technical support team (some useful links are included below).
  • Outlook (formerly Hotmail and Live mail)
  • Yahoo
  • Gmail – see their troubleshooting page. Select ‘I think someone else is using my account’, follow the steps and the site will walk you through the best way to take your account back.
  • AOL – E-mail abuse@aol.com or compromised@abuse.aol.com. Be prepared, the service provider will go to considerable lengths to prove you are who you say you are. They are understandably suspicious of people trying to recover hacked accounts as hackers often use this method to take control of accounts.

Follow up action

1. If you have responded to a suspicious e-mail then log into your legitimate account and change the password.
2. Delete suspicious e-mails that might encourage you to respond to password reset information.
3. Use a separate e-mail account and warn some of your key contacts to be wary of any suspicious e-mails.