What to do if your email is hacked

Despite the continuous reveal of safety measures and software, research shows that email hacking cases are skyrocketing. One 2016 Intel study found that when presented with 10 different phishing emails, 97 percent of all computers involved failed to identify the criminal acts all 10 times. “Phishing” involves using electronic communication forms in fraudulent attempts to steal sensitive information by masquerading as a trusted entity. A 2011 study found that on average, there were 113 billion spam, scams and phishing emails received daily.

There may be no better time to carefully review your security precautions, as we face an ever-increasing announcements of hacked email cases. These perpetrators gain access to users’ email lists, which offer  valuable data and information for countless criminal activities, including identity theft and embezzlement. Email hacking can affect any and all parties, from grandmothers to leaders of industry. Here are some examples of how hacked emails can target anyone:

  1. On July 28, 2015, the Joint Chiefs of Staffat the Pentagon reported an email hacking attack affecting about 4,000  military and civilian personnel; the entire system was taken offline. Known as a spear-phishing attack, it tricks victims into opening infected emails that spread through networks and steal credentials. Although there was no definitive proof, the hacked email attack, originally thought to have occurred on July 25, was suspected to be the work of Russian email hackers. Russians were also suspected in the October 2014 hacked email violations affecting the S. Department of State; this was considered the “worst ever” cyberattack against a federal agency.
  2. She may be topping the sales charts, but music superstar Adele wasn’t spared the reality of email hacking. On March 21, 2016, the singer discovered personal photos, including a sonogram of her son, on a closed fans’ Facebook account. The security breach was revealed to Adele’s management team by one of the group’s members. The photos were thought to have been taken from the singer’s boyfriend’s email account.

Even the most dedicated online security isn’t 100 percent secure against email hacking. In the Brennan case, the email hacker gained access through the relatively simple process of “social engineering.” This involves publicly available information being collected and used for personalized attacks. But hacked email can be accomplished with other methods, including malicious “spam” delivering harmful links. Email hacking is a serious threat to any computer user, regardless of their background or physical location. But there are tips that can better defend the safety and security of your infrastructure and data. An array of effective identity theft monitoring software is available for infected systems, as well as for future prevention.

The basics of email hacking

All facets of our lives are impacted by the capabilities offered by online applications, from high-tech metropolises to remote, ancient cultures. But beyond providing content, information and news, the Internet is highly valued for the communication forms it allows. Email capabilities have become essential, for professional and personal success. They’re present on virtually every computer, smartphone, tablet and countless other devices.

This all-encompassing presence enables smoother, faster communication between parties. Many email platforms are confined to single systems, while others utilize gateways to allow users to send emails throughout the Internet. This has improved global communications, enabling messages and content to be sent and received , anywhere in the world, even to multiple users at one time. But, they’ve also opened the doors to countless email hacks and cybercrimes.

You’re probably familiar with those calls and messages from friends and family who have received strange emails with your name in the subject line. They may request emergency funds or confidential information. Or, you may find that your social media accounts were hacked.  Our email inboxes regularly fill up with annoying spam, scams  and endless marketing. But they may actually be more devious spam, scams and phishing emails. These may even include harmful, destructive programs or files.

This malicious software (malware) could be in the form of viruses, which are programs or code that can be downloaded directly into your email system, whether as messages or attachments. Once opened, these hacked emails can affect any programs or documents. A viral email hack could also expose you to Internet spyware (or tracking software). This programming helps gather information about a person or organization without their knowledge, which is then sent to advertisers or other third parties.

Email hacking viruses can allow third parties to gain access to your confidential information or causing systemwide failure, including lost data and total reformatting. This can have serious, even life-threatening ramifications, as seen by the March 29, 2016, hacked email attack on the large hospital chain, MedStar Health Inc. Although patient care wasn’t affected, the violation completely shut down MedStar computers throughout many of Washington. D.C. and Maryland facilities. The FBI believes that the email hack may involve ransomware, malware spread through email attachments and infected programs and websites. It holds data, and even entire computer systems, hostage, until the victim provides payment of some sort, typically bitcoins, digital currency traded for goods or services.

Although they serve a vital need, hospitals’ security is generally regarded as “poor.” The MedStar email hack actually comes on the heels of a February 2016 ransomware campaign that targeted Los Angeles’ Hollywood Presbyterian Medical Center (HPMC). That assault, delivered in an infected, hacked email attachment, resulted in HPMC paying the hackers $17,000 worth of bitcoins to restore control of their computer system; it took 10 days for the hospital to fully recover.

Hacked email attempts can also be initiated by foreign governments, providing them with access to sensitive, confidential information, especially that of high-level people. The email hacks may employ the same software vulnerabilities as other malware forms, such as infected email attachments, websites or documents. Even worse, these hacked emails may not be easily detected. While rare, hacked email methods can vary widely in terms of time, talent and money involved. Experts feel that if successful, a foreign cyberattack can yield a great deal of information.

What to do if your email is hacked

The good news for email hacking is that there are certain steps shown to ensure email and data security. “So much of your online security really hinges on your email address,” says John Bonora, owner and founder of the New Haven, Connecticut-based Privacy Solution Partners, a privacy consultation and identity theft prevention firm. “The Federal Trade Commission tracks all fraud and identity theft, and about half of all fraud originates via email.”

Truthfully, when it comes to preventing email hacking, it’s basically a level playing field. Prevention against hacked email includes multiple identity theft monitoring software, whether for addressing infected systems or for preventive measures. And while different security professionals may have their best practices for preventing hacked emails, the typical measures recommended are:

Smart from the start – The best method for defending against email hacking may be to be careful and vigilant before any problems affect your system. For instance, you should look at the email header (headline), as it may be disguised in some way to hide the actual sender’s identity and address; this is called “spoofing.” An example would be if you receive an email with your own name or email address. You also need to examine suspicious, hacked emails; if it’s too good to be true (lottery winnings, strange romantic partners) or too bad (arrest warnings, people in need of funds),  most likely, it’s spam, a scam or a phishing email.

Scan your system The Federal Trade Commission (FTC) recommends that you check your computer and account setting to determine if anything was changed. This should include regularly running malware scans, but especially if hacked email affects your account. If email hacking malware is detected, you’ll need to again change your password and check your settings. Having new passwords without scanning your system puts you at risk for hacked email again targeting your system.  Your computer’s security software, along with your operating system (Windows, Mac OS) should be set for automatic updates.

Alert those closest to you – Again, if your friends and family say they’ve received questionable messages from your email address, you’ve probably been the target of an email hacking. This is the point when you’ll want to take action, as your personal and business data and content are at risk from hacked email. In regard to those who may have been recipients of malicious email hacking, you should warn them – using an alternate email address, or a by phone – to avoid opening anything from your potentially compromised email address; these may contain malware that could spread to and infect their systems. You may even advise them to check if they’re protected against hacked email by the latest firewall and anti-virus programs.

New accounts and passwords – It may be in your best interest to start from scratch, by creating a brand new email address. You should then alert your contacts that you’ve done so. “If you don’t mind losing the email address, the best thing to do is close it down and open a new one,” says Scott Stevenson, president and CEO of EliminateIDTheft, an identity protection company. You may also opt for setting up an email address dedicated solely to certain activities, such as online shopping or work. Before opening a new email address, be sure you’ve kept your old addresses’ address book contacts.

As for passwords, while the email hacking may have spared these, you should change them regularly, but especially if suspicious activity has occurred. It’s important that you first update your anti-virus and anti-malware programs; if not, the email hacking can gain target your new passwords. You can usually click on an account’s “Forgot Password” link; this will take you to a page where you can choose the new one.  You may also need to update or change your account’s security questions. And, you’ll have to contact those accounts associated with the closed, hacked email address that you’ve established a new account.

This should be done for all of your involved accounts across all your computers and devices’ password manager applications may help with this task. You should also consider a two-step verification, which sends a special code – one only you have access to — to your phone when your  account settings are changed. When changing your passwords, ensure that the new ones are strong, long and hard to guess. Ideally, these passwords should be at least 10 characters long, maybe with number, letter (upper- and lowercase) and symbol combinations. You should avoid using common words and personal information (e.g., name, place of birth).

Delay online activitiesJust because you’ve set up a new account, you should take your time when conducting  new online purchases or other activities. This will ensure that your computer is virus-free, keeping your credit card information safe. And in regard to financial matters, you should be aware that if a website or company requests your banking information, it’s likely that they’re trying to acquire your information. You may want to find them in a search engine (Google, Yahoo) to first see if they’re legitimate.

An ounce of preventionOnce you’re security measures have been updated and reinstalled, you need to be careful that hacked emails don’t again access your system. As such, you should avoid suspicious email hacking attempts and any links and attachments. And, secure and private networks should be used, as they can help prevent hacked email practitioners from accessing your network.

It’s also a good idea to limit your social network exposure, along with any publicly displayed  information, as they provide a popular, convenient source for hackers and identity thieves to gather your information. You should bookmark trusted, frequently visited websites, as this will help you to avoid clicking on potentially harmful websites.

Have You Been Hacked?

*Cyber breach data provided by Have I Been Pwned

Enter your email or username to see if your information was compromised.

Have You Been Hacked?