There many reasons why email accounts are hacked. However, one of the most common is when a company that holds your information has a database hacked, and the miscreant scurries off with all the information which is typically then sold on dark web
and hacker forums
Your password would probably have been encrypted by the company that holds your details, but if it’s a simple password, for example, letters and one or two numbers, it’s relatively easy for a hacker to break the password using brute force software.
This type of software runs through millions of permutations at lightning speed.
The value for hacked emails accounts can certainly be notable for hackers. What they look for essentially are emails that relate to financial transactions, such as messages from solicitors on conveyancing or mails relating to financial investments. They then impersonate the legitimate owner of the email account with the ultimate aim of stealing money and typically will set up a bank account in the victim’s name and attempt to divert funds to this account.
This could be, for instance, a message to a financial investment company that holds money on behalf of the victim to withdraw some of the funds into the fake bank account.
You might think that if your email details have been compromised you would receive notice from the organisation which lost your information. This is not always the case. Consider the mega Yahoo breach which exposed more than one billion accounts
. It took several years before Yahoo admitted to the hack. It’s often the case that a company doesn’t even know it’s been hacked until customer details are discovered by security researchers
. In fact this is the rule rather than the exception.
The following six signs indicate that your email account may have been compromised:
1. Your password has been changed
One of the most obvious signs of your email being hacked is the fact that you can’t sign into it. If your email password is rejected as incorrect and you didn’t change it, it’s a strong indication that someone else has altered it. One of the first things many hackers do is change your password to prevent you from logging in.
2. Mails in your inbox that you don’t recognise
Sometimes a hacker won’t change your password so you won’t notice that anything’s wrong. If you think something is not right, check your sent mail folder to see if there are messages there that you didn’t send. If you do find some, then you know a hacker probably has access to your account.
Another sign to look out for is for password reset emails that come from other websites and which you didn’t request. A hacker may use access to your email to try and change your password on other sites. Hackers understand that many people use the same password across different web sites and by trawling through your inbox they can see which websites you regularly use such as Amazon for example.
3. You receive unexpected emails
Hackers that gain access to compromised email accounts will search for personal information such as who you bank with or credit card companies you use. It’s possible that some personal information is revealed such as user name and other identifying data like account numbers.
Fraudsters will use this information to create messages from your bank or credit card provider and they will incorporate personal data they find to give the messages a veneer of authenticity. They may even try to call you citing this information. This can make it difficult to determine whether the mail/call is genuine.
If in doubt, and the messages arrive out of the blue, don’t respond or call the bank to verify that they are trying to contact you or not as the case may be.
4. Different IP addresses show up on your log
This is a good way of determining whether someone is using your account. An IP address
is essentially a digital address which reveals your physical location. Some email service providers have a tool that reveals your IP address and every time you log into your account the IP address is recorded.
For instance, if you have a Gmail account, scroll to the bottom of the page and in the far right corner you will see, in very small font Details.
Clicking on this reveals the IP address locations from which your account has been accessed. If you only access the account from home or work the IP address log will show the same address. If there are different IP numbers in the log, it means your account is also being accessed from another location.
If you don’t use a Gmail account, search the internet for your email providers name and how to locate IP addresses.
5. Are friends receiving spam messages from you?
If your friends tell you they’ve received spam from your email address, it’s safe to assume your security has been compromised and your email. You should then assume that your personal data is a risk and take the necessary steps to secure yourself (see list below).
6. The sky is clear
If there are no signs that your email account has been compromised that is all well and good. However, if you want to be absolutely certain you can check HaveIBeenPwned.com.
This is a really useful tool that not only gives you a list of the top ten leading breaches (startling reading) but also allows you to see if your email account has been compromised in a data leak. You simply key in your email address and you’ll get an immediate answer.
If your email account has been compromised you can take some simple steps to put things right:
Create a new email address
The best thing to do is close the compromised account down and open a new one. Make sure you use a strong password, combining numbers, symbols and letters for your new account. It’s also a good idea to set up an additional email account specifically for online purchases. This keeps your personal information separate from information about online transactions.
Let your friends know
Use a different email address or another form of contact to warn friends and contacts not to open anything from your compromised email address. Recommend that they use the most up-to-date firewall and anti-virus protection available. Tell friends who’ve received spam from you to run a scan using their anti-virus protection and to make sure all security patches are up to date.
Speak to your bank and other organisations
Your email address is likely tied to many of your online activities. If your account is compromised you don’t want the fraudsters asking your bank to send a new user name and password to that email account. If you are certain the account is compromised, notify your bank, your credit card company and other online accounts that you’ve changed your email address.
Don’t buy anything online - yet
You need to make sure your computer is virus-free before you start logging in credit card numbers for online purchases. Some malicious software is designed specifically to track every key stroke a computer makes and if crooks have got your email address they may well have infected your machine with malware too.
Protect your computer
Make sure your computer is clean. Run a strong anti-virus programme
to check that you haven’t got spyware or other types of malware on your computer. Also make sure you’ve installed all the latest security patches and updates for your operating system and browser.