What to do if you’ve had an email hack


What is it and why is it important?

  • Why this is critical: your email is the gateway to many password change mechanisms. If your email is compromised, then every website or service you have authenticated access to via your email is vulnerable through ‘Forgotten Password’ recovery mechanisms, unless you use 2 factor authentication and your mobile is still secure. This is a hacker technique called daisy-chaining: access to your email allows daisy-chained access to any associated account.
  • If your email account has been compromised you might be unable to log into your email on your device
  • You are unable to access your web mail with your user name and password

There are several types of email hack:

  1. Spambot – an automated system which takes control of and uses your email account to send spam. Whilst annoying, it will not be clever enough to change your account settings so that you are locked out.
  2. Phishing – a simple way to fool someone into giving away their log-in details.
  3. Keystroke capturing – installing malicious software which will log all keystrokes on your keyboard.
  4. Password guessing – using details known about the victim, or forcing passwords that are easy to guess, which allows the attacker to gain access to your online accounts.

First Steps

  1. Change your password on your email account if a spambot has taken control and is sending spam from your account.
  2. If you are unable to do this, there is a chance that a real person has taken control of your account and may have changed your password. You can reset it by going to your site’s log-in area and using the “forgot your password” link; the new password can be sent to a different email account if you have set one up previously.
  3. It is possible that the hacker has changed your security questions and recovery email and can get back in whenever they want to. You will need to log an incident with your account provider.

Who to Contact

  1. Action Fraud
  2. Account service provider – technical support team. Some useful links are included below.
  3. Outlook (formerly Hotmail and Live mail)
  4. Yahoo
  5. For Gmail: Gmail troubleshooting page. Select “I think someone else is using my account” and then follow the steps and the site will walk you through the best way to take your account back.
  6. For AOL: email abuse@aol.com or compromised@abuse.aol.com

Be prepared: The service provider will go to considerable lengths to prove you are who you say you are. They are understandably suspicious of people trying to recover hacked accounts as hackers often use this method to take control of accounts.

Follow up action

  1. If you have responded to a suspicious email, then log into your legitimate account and change the password.
  2. Delete suspicious emails that might encourage you to respond to password reset information.
  3. Use a separate email account and warn some of your key contacts to be wary of any suspicious emails.






Next steps