Was Your Email Inbox Hijacked?

Category: Email , Security

A concerned AskBob reader says: 'Please help... it seems my email account got hijacked, and now all my friends are getting spam, FROM ME! I am always careful with my password and online activities. How could this have happened, and what should I do?' Read on for my answer...

Did Spammers Really Hijack Your Email?

The first thing to do is relax. It's quite likely that your account was NOT actually compromised. Unfortunately, spammers can misappropriate your email address without actually hacking into your email account. It is relatively easy to "spoof" an email address so that it appears a message is coming from one address when it was really sent from another. The design of the Internet's email protocols allows one to put any address in the FROM line of an outgoing email. Think of it like slapping a fake return address sticker on an envelope.

Spammers don't like to poke their misshapen heads out from under the rocks where they live, so they try to divert attention from themselves by making it look like someone else sent the message. They use high-volume mail merge software that picks a name and address from their database, and inserts it into the FROM line of outgoing emails. How do they get your email address in the first place? Sadly, we read about massive data breaches all the time, where millions of customer records are exposed and sold on the dark web. That’s the most likely place for spamming operations to get access to huge amounts of valid names and email addresses.

Before you panic, check your computer for malware. If your Internet security software has a "deep scan" option give that a whirl. If a virus scan shows nothing unusual, if you can still login to your email account with your password, and you see nothing amiss in your Sent folder, then you can safely assume no breach has occurred. In such a case, you can explain to your angry friends that it was the work of an Evil Spammer who forged your address, and that the messages didn’t actually come from you. It may help to explain that a physical equivalent would be sending a letter with someone else’s return address on the envelope.

If your friends still think you're selling fake Rolex watches, hawking a miracle cure for tinnitus, or running a mail-order bride service, you can prove them wrong. Tell them to examine the "Received" lines in the email headers (most email programs let you view the headers if you poke around in the options) and they (or their Internet provider) can confirm that the email truly was not sent by you or your account. (See my article Here's How to (Maybe) Trace an Email for the scoop on how to decode email headers and trace the path of an email.)

Email Hacked

So there's no breach of your inbox, and your friends are satisfied that you've not joined the dark side. You can breathe a sigh of relief. But just to be safe, I recommend that you change your password, update the security question (if your account still uses it), and turn on two-factor authentication.

The “What If?” Scenario

But what if your email account WAS compromised? It is possible for a hacker to change your email password so that you cannot log in to your own account. Then they can raid your contact list to harvest valid email addresses to add to their spam lists. Also, the hacker now has access to all of your saved email, which may include sensitive personal and financial information. It's more likely that a hacker will NOT change the password, to avoid the obvious red flag that would send. If you've been locked out of your own email account, contact your ISP, or use the "can't access my account" link that appears on the login screen to recover.

An email account can be hijacked in a number of ways. Phishing attacks in which a hacker subtly persuades a user into revealing login passwords are one hijacking technique. A message, purportedly from your bank or other trusted partner, may tell you that a "security check" requires you to respond with your password. Such claims are always bogus; legitimate organizations never ask you to reveal your password via email, phone, or other means. See Spear Phishing and Internet Security for more on that.

Some forms of malware (viruses, spyware, etc.) attack for the purpose of gaining access to your computer, in order to enslave it in a botnet, and use it as a spam spewing device. This can happen without you even knowing, until people from all over the world start accusing YOU of being a spammer! Keylogger spyware installed on your computer can record every keystroke you type and send the results to a remote operator who can then read your password from the log file. There are several ways to detect and defeat keyloggers.

I should mention that if someone has access to your email which you did not grant, you should first look close to home. A jealous spouse, a nosey family member, or an ex with an axe to grind are the most likely people with a desire to poke around in your email account. That brings me to the password...

Password Safety Tips

Using the same password on multiple online accounts leaves all of them open to hijacking if just one account is penetrated. Be sure to use unique passwords on email, Facebook, eBay, online banking and other accounts. Storing passwords to other accounts in one place (or on a sticky note) leaves you vulnerable in a similar way. If one account is hacked, a search through data stored there can yield several other passwords.

Failing to log out of an account when you've finished a session makes it easy for anyone who has access to the computer you used to hijack your account. Always log out of accounts accessed from shared computers, such as those in libraries, schools, coffee shops, etc. A browser's auto-fill forms feature may reveal your password to someone who uses the same computer you use.

Password guessing is a brute-force hacking method that employs software to try random passwords until one works. Many email accounts go into "lock down" mode after a few failed password attempts, but if yours does not it's possible to get hijacked in this way. If you have a very weak or predictable password, it makes the hackers job that much easier. See my article Is Your Password Strong Enough? for tips on choosing a strong, secure password.

And then there are data breaches, as mentioned above. Attacks against high-profile websites go after the password database, attempting to crack its security and harvest thousands or millions of email addresses (and less often, passwords) in one swoop. In some cases, this information is left completely unprotected by incompetent IT personnel. There's not much you can do to prevent this type of attack except to host your email account with a reputable service provider who pays attention to security, and use a secure password.

Network packet monitoring software can sniff out passwords sent over unsecured wireless connections. You should be aware of this type of attack if you use free wifi in a coffee shop, airport, hotel, etc. Use encrypted (https) connections when logging in or emailing over unsecured public wireless networks. My related article Free Wifi Hotspots - A Big Risk? has some helpful tips on how to stay safe while surfing in Starbucks.

As I mentioned above, the very best thing you can do to improve the security of any online account is to use two-factor authentication. See my article [DIGITAL LOCKDOWN] Authenticator Apps Protect Your Accounts to understand two-factor authentication, and how it can protect you even if someone has (or guesses) your password.

So to recap, if your friends are asking why you sent those nasty emails, it's almost certain that you didn't. Check your email account for any signs of tampering, run a malware scan, change your password, and tighten up your inbox security. Tell your friends to use the handy DELETE button, and the problem will resolve itself soon enough.

Has your email account ever been hacked? Post your comment or question below…

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 21 Jun 2023

For Fun: Buy Bob a Snickers.

Prev Article:
Use Outbound Firewall For Extra Security?

The Top Twenty
Next Article:
Discount Inkjet Cartridges: A Money Saver?

Most recent comments on "Was Your Email Inbox Hijacked?"

Posted by:

Mike Jones
21 Jun 2023

My email was hijacked and the most unusual thing I found was that they had created a rule directing all incoming emails into my trash folder. After changing my password to something even more obscure, I found and deleted their rule. I was able to move my email back to my inbox and contacted those who had replied to the 'odd message' I had sent about their Amazon order.

Posted by:

21 Jun 2023

Mike's email was likely "spoofed". Note that if one accepts a fake Friend Request on FaceBook, the faker now has access to all of your friends via FB, using (spoofing) your FB name. If you get a request to Friend someone who is already your Friend, it is likely spurious and from a spoofed source. Do not accept that request or you will ultimately appear to be the source of fake Friend Requests to everyone of your legitimate FB Friends. Good Luck.

Posted by:

Ernest N. Wilcox Jr. (Oldster)
21 Jun 2023

To the best of my knowledge, none of my email accounts have ever been cracked/hacked. Sadly, someone has obtained my debit card number, or at least it appears that way. On two different occasions I noticed a transaction on my checking account that I did not perform. I have no idea how the miscreant got my card number for the first transaction but the second one occurred very recently. I suspect it is the result of the LastPass breach. I had my card information stored in my vault. I was able to dispute both transactions, so I did not lose any money. Within the past two years I've had two different card numbers because of these events. Be careful where you keep your debit/credit card information or this could happen to you. Also, carefully check your financial account transaction histories. These rock worms may start with a small transaction, but if you don't catch it, they will probably follow up with a much larger one. Both your computer/Internet security and your financial security are ultimately your responsibility. If you don't take steps to protect yourself, it's unlikely that anyone else will.



Posted by:

Bob K
21 Jun 2023

How do I stop someone from handing out my email address to firms as if was theirs?

I have lost the use of one email address because of this nonsense. I can't even find out if it is illegal.

Posted by:

22 Jun 2023

Remember when half of Yahoo Mail's membership was hacked - 500m was it? Exactly one half of my Contact List was compromised.

Nothing one can do can stop this kind of invasion

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML

Article information: AskBobRankin -- Was Your Email Inbox Hijacked? (Posted: 21 Jun 2023)
Source: https://askbobrankin.com/was_your_email_inbox_hijacked.html
Copyright © 2005 - Bob Rankin - All Rights Reserved