Was Your Email Hijacked?

Category: Email

A reader asks: 'Can you please help, somehow my email account got hijacked, and now all my friends are getting spam, from me! I am always careful with my password. How could this have happened, and what should I do?'

Did Spammers Really Hijack Your Email?

The first thing to do is relax. It's quite likely that your account wasn't actually compromised. Sometimes spammers use your email address without actually hacking into your email account. It is relatively easy to "spoof" an email address so that it appears a message is coming from one address when it was really sent from another.

(See Spammer Using My Email Address to learn more about how this can happen.)

If a virus scan shows nothing unusual, and you can still login to your email account with your password, then most likely no breach has occurred. But just to be safe, I recommend that you change your password. In the worst case, hackers can gain full access to your email account and major trouble ensues.

Email Hacked

It's common for a hacker to change your email password so that you cannot log in to your own account. Then they can raid your contact list to harvest valid email addresses to add to his spam list. Also, the hacker now has access to all of your saved email, which may include sensitive personal and financial information. If you've been locked out of your own email account, contact your ISP, or use the "can't access my account" link that appears on the login screen to recover.

An email account can be hijacked in a number of ways. Phishing attacks in which a hacker subtly persuades a user into revealing login passwords are a common hijacking technique. A message, purportedly from your bank or other trusted partner, may tell you that a "security check" requires you to respond with your password. Such claims are always bogus; legitimate organizations never ask you to reveal your password via email, phone, or other means. See Spear Phishing and Internet Security for more on that.

Many forms of malware (viruses, spyware, etc.) attack for the purpose of gaining access to your computer, in order to enslave it in a botnet, and use it as a spam spewing device. This can happen without you even knowing, until people from all over the world start accusing YOU of being a spammer! See my related article BOTNET ALERT: Are You Vulnerable? to learn more about botnets.

Keylogger spyware installed on your computer can record every keystroke you type and send the results to a remote operator who can then read your password from the log file. There are several ways to detect and defeat keyloggers.

Password Safety Tips

Using the same password on multiple online accounts leaves all of them open to hijacking if just one account is penetrated. Be sure to use unique passwords on email, Facebook, eBay, online banking and other accounts. Storing passwords to other accounts in one place leaves you vulnerable in a similar way. If one account is hacked, a search through data stored there can yield several other passwords.

Failing to log out of an account when you've finished a session makes it easy for anyone who has access to the computer you used to hijack your account. Always log out of accounts accessed from shared computers, such as those in libraries, schools, Internet cafes, etc. A browser's auto-fill forms feature may reveal your password to someone who uses the same computer you use.

Password guessing is a brute-force hacking method that employs software to try random passwords until one works. Many email accounts go into "lock down" mode after a few failed password attempts, but if yours does not it's possible to get hijacked in this way. If you have a very weak or predictable password, it makes the hackers job that much easier. See my article Is Your Password Strong Enough? for tips on choosing a strong, secure password.

Server-level attacks against email providers, online stores, or financial institutions go after the password database, attempting to crack its security and harvest thousands or millions of email addresses and passwords in one swoop. There's not much you can do to prevent this type of attack except to host email only with a reputable service provider who pays attention to security, and use a secure password.

Network packet monitoring software can sniff out passwords sent over unsecured wireless connections. You should be aware of this type of attack if you use free wifi in a coffee shop, airport, hotel, etc. Use encrypted (https) connections when logging in or emailing over unsecured public wireless networks. My related article The Big Problem With Free Wifi Hotspot has some helpful tips on how to stay safe while surfing in Starbucks.

Has your email account ever been hacked? Post your comment or question below...

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 31 Mar 2015


For Fun: Buy Bob a Snickers.

Prev Article:
Juggling Free Cloud Storage Services?

The Top Twenty
Next Article:
Geekly Update - 01 April 2015

Most recent comments on "Was Your Email Hijacked?"

Posted by:

Tom English
31 Mar 2015

Fidelity, and several banks, are really sending emails with invitations / offers that can ONLY be accessed by clicking on link in email and entering account # and password. The same content is NOT available signing in through saved link.


Posted by:

Bill Merriam
31 Mar 2015

Bob, I think what happens sometimes is that a
scammer/spammer intercepts a forwarded email that
is then harvested for addresses. I sometimes get
emails from myself that I never sent. I now, as a
general rule, use blind carbon copy (bcc) for the
type of emails that may be of general interest and
thus get forwarded widely, in the belief that this
may protect other recipients to my original.


Posted by:

Gene
31 Mar 2015

If you are changing your password when you think your account has been hijacked, you should also change your security question information. If it was hijacked, then they probably have that and can use it to get back in and change your new password. Then you are out.


Posted by:

Charley
31 Mar 2015

You probably weren't hacked at all. Someone else may have been, or one of your emails was accidentally gotten by a spammer. They then harvest
the from/to/cc stuff and start sending spam using any of the harvested addresses as the "from" for the spam, and sending them spam to the others. Since it appears that it came from someone the recipient knows, and went to others the recipient knows, the recipient will assume it is legitimate and open it.

Nothing you can really do about this other than change your password and notify your friends that the spam isn't coming from you.


Posted by:

Barb M
31 Mar 2015

From what I have read in the past, e-mails are not HACKED. Hacking occurs on www. xxxx only. Am I correct?


Posted by:

Susan G
31 Mar 2015

My parents' email was hijacked when they fell for a phishing scheme. They were able to get it restored by their provider. I later went through their account to make sure that there weren't any copies being automatically forwarded to another address.

If you deal with older people or folks relatively new to or unschooled with email, be sure to educate them about phishing and other scams--they need to be reminded periodically that there are people out there with bad intent.


Posted by:

John
31 Mar 2015

I gather from you article that it might be a good idea to erase emails that may contain important financial or other sensitive information. Its a bit like shredding sensitive paper documents rather than leaving them lying around. We can no longer suppose that any online account is secure anymore.


Posted by:

EARLE
31 Mar 2015

If you get a suspicious email from a friend, right click on the friends name and select properties, and you will find someone elses email address.


Posted by:

IanG
01 Apr 2015

For posterity, (and maybe help others) here is a copy of an email I sent to contacts to help them in a similar situation:

"Hello there!

This is the story of our hack:
The following is what happened to us on Thursday, 26th September, 2013.

YES, I was on to the hack within 32 minutes of them logging in to our account, and within 2 minutes of them sending out those stupid, badly worded, emails. The first thing I did was to change my password, second thing was to open the Mail Options and check who had logged in recently AND, sure enough, there it was: 4 logins from (expletive) Nigeria. (Wouldn't you think that Yahoo would block login attempts/new password applications from Nigeria, of all places on this Earth?)
I was able to spot it quickly because I always have two of my email accounts open and/or in my (Windows) taskbar. And as soon as the new email appeared as a (1) in the email button in said taskbar, I looked and instantly saw it was from our own joint email address and knew immediately we had been hacked.

I had thought, erroneously (and entirely my own fault), that anyone else would have to know my 'Personal Questions' to log in from somewhere else - BUT that is not set by default. So, I have now activated that second line of security of logging in 'from a different device'. It was so easy for them, or anyone, NOT that they had to crack my password or anything, but just to say they had forgotten it and request a new one! So, what they did was to create a new email account, tell Yahoo that one must be used for verification and Voila! - they're in. So that was the third thing I did, which was to delete the new email account they had created in my 'secondary' list.

In my own defence I'm pretty sure that the majority of email users will not have bothered to activate this second line of security, or maybe even not know about it - so take warning! And I doubt too that most people do not realise how easy it is for hackers. I knew how hackers did it, but I thought that mine was already activated (by default).

But their damage didn't end there. They had also altered and deleted other stuff. They deleted all the Contacts (which will take me some time to re-populate again); they had set it so that ALL new emails were forwarded to their new email account that they created; AND all replies should also be sent to their new email account as well; AND also no Sent emails should be sent to my Sent email folder; they had also deleted all our Sent emails - but these I found in the Trash folder (so fortunately they were not lost for good, maybe I acted just in time before they deleted those as well).

So all in all I spent hours sorting out griefing caused by blackguards. I was worn out by the time I went to bed, but fairly happy at sorting everything out."


Posted by:

IanG
01 Apr 2015

This is a PS to my previous comment:

"PS. IMPORTANT! Please make sure you delete any reference to the email that the hackers created because, depending on how your preferences are set, their email address could be automatically added to your Contact List (and therefore pop up as an option when you start entering the 'To' box on a new email). The FALSE email address they created MUST be deleted."


Posted by:

dwream
01 Apr 2015

To lanG: Thanks for your very helpful additions to Bob Rankin's sound advice! As an aging (79 hr old) computer user, I was not aware of several of the precautions that you suggested.


Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Was Your Email Hijacked? (Posted: 31 Mar 2015)
Source: http://askbobrankin.com/was_your_email_hijacked.html
Copyright © 2005 - Bob Rankin - All Rights Reserved