My email account has been hacked: Now what?


1st Jan 2015 Technology

My email account has been hacked: Now what?
Email hacking is sadly something we’re all likely to experience at some point and when it happens, you may feel violated. It’s crucial to act quickly to minimise the potential damage.

1. Access your account

Access your account
You need to get back into your account as quickly as possible, so visit your email provider’s website and try to log in.
If you are unable to get into your account, try using the password reset function. Look for the “forgot password” option.
You may need to answer security questions or remember numbers from a pass key.

2. Change your password

Once you have gained access, the next important step is to change your password.
The password you choose needs to use a combination of different letter cases, numbers and special characters. Try to avoid using familiar words or dates, make it random and strong.
New government campaign Cyber Streetwise aims to improve standards of online safety. They recommend putting together three random words to form your password.

3. Change your password on other accounts

It’s common but unwise to use the same password for multiple email accounts. If this is the case, change your passwords for your other accounts too. 
If you have used the same password for Internet banking, online shopping or social media then you will need to change them, too. 
This will prevent the hacker from gaining access to those accounts and causing further problems.

4. Check your sent items

Hackers often use the email accounts they have broken into to send spam or other malicious emails to your contacts to persuade them to share personal information.
You should check to see if your account has sent any emails or look for any unusual replies. Let your friends or contacts know that you weren’t the person that sent the email and advise them to check their own accounts.

5. Check your other devices

Make sure you can still access your email on other devices, such as your tablet or smartphone.
If a hacker signs-in to your email, you may need to change your password in the settings or type in your new password again in order to continue receiving your email on these devices.

The tips above should help you secure and gain access to your email, but you need to seriously think about how you can protect yourself further in the future. To do this effectively, you should: 

  • Create a long and complex password as it will take a hacker longer to break it. 16 characters is the recommended length.
  • Use a mix of letter cases, numbers, punctuation marks or other special characters to add to the complexity.
  • Use a made-up word or a spelling that wouldn’t be found in a dictionary.
  • Don’t use the same password for different accounts.

You can add another layer of security by making sure you have an alternative way to gain access to your account. This could be: 

  • Ensuring your mobile number is added to your account. This means that if you need to reset your password, your email provider can text you a specific code to enter to allow you access.
  • A device which generates a random code which you need to type into the website before you gain access. Many banks offer these devices (often called a PINsentry) for customers to log into their accounts online.
Most email providers offer one or more of these two stage authentication processes but you may need to activate them, so check your account settings to see if this is possible. It may seem a little over the top, but it's the best way to ensure hackers can’t access your information again.