How can I check if my email account has been hacked?
Scams are on the rise and more people are falling for phishing attacks and email hacks than ever. Tap or click here to see how COVID-19 scams have become ubiquitous.
Think about how many times a day you open an email from someone you trust and click on a link or download an attachment. Each of those moments is an opportunity for an enterprising cybercriminal to trick you.
If you’re concerned that your email account has already been hacked, here are five signs to watch out for. Plus, we’ll show you four steps you can take to protect yourself.
1. Did you actually send it?
If you’re concerned that your account has been hijacked, check your Sent and Drafts folders for emails you haven’t written.
Using email accounts owned by real people enhances the credibility of a phishing campaign. When your email account is hijacked by a hacker or malware, it is often added to an arsenal of compromised accounts used to spread further phishing campaigns.
This is why you sometimes receive shady emails from contacts you know. Their account has probably been hacked and their email address is being used as a spam bot.
When viewing sent email, check the recipients and also when the emails were sent. If you don’t remember sending those messages, it’s an important sign that your account was hacked.
It’s also worth checking your Sent and Drafts folders for messages with attachments, a primary vector for phishing malware. If you don’t remember sending or composing emails with attachments, that’s a big red flag.
Your contacts may even contact you about receiving strange emails from you.
2. Did you actually change your passwords?
A compromised email account is a golden ticket for any aspiring hacker. Once they’re in, they can try to hack into accounts associated with that email address. You must ensure that those passwords have not been changed without your knowledge.
To do this, search your inbox and use terms like password reset, password verification, or password changed successfully. Carefully examine the messages that appear and note the date and time.
If you see recent password changes for accounts you own, you should reset those passwords on the other platforms before changing your email password. Without doing this, the hacker can perform another reset after you’re done. Below we go into more detail about changing your password.
3. Did you actually read those emails?
Email accounts generally allow you to sort messages by read or unread status.
But if a hacker gets into your email address, all bets are off. As they search your emails for personal information, they will likely open and close your messages randomly.
Read emails are usually displayed in a standard format, while unread messages are shown in bold. If you know that your inbox was full of unopened messages that are now mysteriously marked as read, you may have a hacker on your hands.
Review as many read messages as possible and make sure they don’t contain any personal information before taking additional steps, such as resetting passwords.
4. Did you actually throw out these emails?
Not only will hackers randomly snoop through your emails, but they will sometimes delete emails without thinking about the consequences. This means you could lose important bits of data that could give you an idea of what happened during the hack, including accounts they may have hacked. So much for destroying the evidence.
When checking emails for signs of threat, look in the recycle bin and scan carefully for signs of disorder. If you see an important email that you wouldn’t have thrown away, your account may have been attacked.
5. Have you actually logged in?
Most email services allow you to monitor login activity, including the IP addresses or locations used to access your account. Some even show the browsers or devices used.
To do this in Gmail, open your email account in a browser and scroll to the bottom of your inbox. In the bottom right corner, you’ll see Last Account Activity followed by a time. Click Details below to see a list of access types (browser, mobile, POP3, etc.), IP address, and date and time.
If you see a location or device that you don’t recognize, it’s a cause for concern.
The next thing to look for is login alerts for accounts associated with your email address. Many platforms will automatically send you an email if you log in from a different IP address than usual. This is intended to prevent fraud and warn you of unauthorized logins.
From your inbox, search for terms like login or logged in. Leave no stone unturned, and write down everything you find for later. You may need to reset your passwords or lock them down with a system such as two-factor authentication. Keep reading for more on this.
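The folder checks in signs 1, 2 and 5 can be run over an exported mailbox in one pass. The following is an added example, not part of the original article: it assumes you have each message as raw text along with its folder name, and the function names, addresses and sample messages are all constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parsedate_to_datetime

# Inbox search terms taken from the article; matched case-insensitively on the subject.
SIGNS = {
    "password-change": ("password reset", "password verification",
                        "password changed successfully"),
    "login-alert": ("login", "logged in"),
}

def classify(folder, raw):
    """Return (when, folder, sender, sign) for a message worth reviewing, else None."""
    msg = email.message_from_string(raw, policy=policy.default)
    subject = str(msg["Subject"] or "").lower()
    when = parsedate_to_datetime(str(msg["Date"]))  # assumes a Date header with a UTC offset
    sender = str(msg["From"] or "")
    # Sign 1: a message in Sent or Drafts that carries an attachment.
    if folder in ("Sent", "Drafts") and next(msg.iter_attachments(), None) is not None:
        return (when, folder, sender, "sent-with-attachment")
    # Signs 2 and 5: password-change notices and login alerts in the inbox.
    if folder == "Inbox":
        for sign, terms in SIGNS.items():
            if any(term in subject for term in terms):
                return (when, folder, sender, sign)
    return None

def triage(messages):
    """messages: iterable of (folder, raw RFC 5322 text). Returns hits, oldest first."""
    hits = [hit for folder, raw in messages if (hit := classify(folder, raw))]
    return sorted(hits, key=lambda hit: hit[0])

def _sample(sender, subject, date, attachment=None):
    """Build one constructed message; every address and subject here is made up."""
    m = EmailMessage()
    m["From"], m["Subject"], m["Date"] = sender, subject, date
    m.set_content("constructed sample body")
    if attachment:
        m.add_attachment(b"constructed", maintype="application", subtype="octet-stream", filename=attachment)
    return m.as_string()

SAMPLE = [  # constructed mailbox export, deliberately out of order
    ("Inbox", _sample("no-reply@shop.example", "Your password changed successfully", "Tue, 04 Mar 2025 02:11:00 +0000")),
    ("Sent", _sample("me@mail.example", "Invoice attached", "Tue, 04 Mar 2025 01:40:00 +0000", "invoice.zip")),
    ("Inbox", _sample("alerts@bank.example", "New login from an unrecognized device", "Tue, 04 Mar 2025 01:05:00 +0000")),
    ("Inbox", _sample("friend@mail.example", "Lunch on Friday?", "Mon, 03 Mar 2025 18:00:00 +0000")),
    ("Sent", _sample("me@mail.example", "Re: Lunch on Friday?", "Mon, 03 Mar 2025 18:30:00 +0000")),
]
```

Calling triage(SAMPLE) returns the three flagged messages as a timeline, which gives you the dates and times to write down and the list of other accounts whose passwords need resetting before you change the email password itself.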
Protect yourself in the future
Now that you know the signals to watch out for, here’s what you need to do to take action against account intruders.
Set up two-step verification to protect yourself
Two-factor authentication, or 2FA, adds an extra layer of security to your email account. Once it’s set up, you’ll be notified when someone tries to sign in from an unknown device.
To set up 2FA, you’ll need to have your smartphone to hand. When it’s set up, every time you log in, you’ll receive a text message with a code to enter. Without the code you will not be able to access your email. And if a hacker tries to access your account, they can’t get in without your phone physically in front of them.
Now, 2FA is certainly not mandatory, but we can argue that it should be for email accounts because of the sensitive information they contain. Tap or click your email service below for instructions on how to set up two-factor authentication.
While you’re at it, you should also set up 2FA on any other online accounts you use frequently, including social media. You can’t be too careful. Tap or click here to learn how to set up 2FA for Facebook, Twitter, and Dropbox.
Verify your recovery email and phone number
This goes hand in hand with setting up 2FA, which requires your phone number to work.
You can set up a backup email to reset your password in case you get locked out. We recommend keeping this email hidden from other platforms; don’t use it to sign up for accounts, keep it as your private backup. It’s not much of a security feature if your recovery email can be compromised as well.
You may have set up account recovery information when you first opened your email account, or you may have skipped this step. Tap or click your email service below for instructions.
Change your password to something stronger
When it comes to cybersecurity mistakes, reusing your email password on other accounts is one of the worst. If a hacker gains access to your email password, this is the first thing they try with other accounts you own. With phishing attacks on the rise, weak passwords won’t survive.
Here’s what you need to do to make your password as secure as possible:
Use long and complex passwords that alternate between letters, numbers, and symbols.
Do not use identifying information such as your name, birthday, pet name or residence in your password. These are bits of data that can be easily found by hackers, and once they do, they can easily put your system at risk.
Avoid generic or simplistic passwords, no matter how tempting they are to use. Options like “password1”, “12345” and “letmein” are unfortunately common and are ranked as some of the weakest passwords on the web.
Do not reuse passwords across multiple accounts. If an account is hacked, hackers will try the password on as many of your other accounts as possible.
As we mentioned above, always use 2FA if the option is available. It may add an extra step to the login process, but the added security pays off.
After you change your password, you should also update your security questions. For more tips on creating better passwords, tap or click here to read our complete guide to securing passwords.
Keep an eye on your email address
HaveIBeenPwned monitors hacker sites and collects new data about the latest data breaches and exposures every five to ten minutes. This includes your email address, usernames, passwords and other personal information.
Enter your email address and HaveIBeenPwned will check if it has been compromised in a data breach. If so, you’ll see a list of sites that released your data and what exactly was leaked.
You can click Warn Me at the top of the page and HaveIBeenPwned will warn you if your email address appears in a list of hacked information in the future.
The bad news is that there are many people who want to break into your accounts for their own gain. The good news is that there are effective measures you can take to protect yourself. Follow these steps to lock down your email account and change your password if nothing else.