More and more these days, we're hearing reports
about hacked email accounts -- in which individuals' accounts are hijacked by
crooks and used to spam their victims' contacts. An email goes out to your
contacts seemingly from you often containing a link that leads either to a
sales site or, worse, a malware download. Or they may be one of those spoof
distress emails claiming the supposed sender is in trouble and needs money.
So how can you tell if your email account has been
hacked and what can you do about it? The Federal Trade Commission (FTC) has
recently issued guidance, which has been posted on the government's OnGuardOnline
website.
How to Tell If You've Been Hacked
Usually, the first clue you get that someone is
using your email address is when you get emails from your contacts about
messages they say they've received from you and which you know for sure you
didn't send. You might also check your "Sent" folder if you use an
online email account and see messages there that you didn't send. Similarly,
you may find your Facebook or other social network account has posts that you
didn't write. You may not even be able to sign in to your social media or email
accounts.
It's also possible, says the FTC, that people may
be receiving emails that seem to come from you when your account hasn't been
hacked at all. In that case, the crooks are spoofing your email address --
using their tech skills to "overlay" their real address with yours.
But even then, you'll still want to take action to put things right.
How Did You Get Hacked?
There are several ways crooks can get hold of your
email account info but the simplest way is that you gave it to them. They
already know your email address. It'll be on hundreds or thousands of messages
you sent out (including those on jokes you circulated or someone sent to you)
or on other sites where you have accounts.
In fact, it's not hard to guess your address if,
like most people, you use your first and last name followed by the mail service
provider -- like JohnDoe@somemailservice.com. Now, all they have to do is guess
your password, which, depending on how wary you are, could take just seconds.
Or they may get hold of it from company computers where you have an account,
which they have previously also hacked. If you use the same password on
multiple accounts, you're in big trouble.
Alternatively, you may have inadvertently installed
malware on your PC, perhaps from the very same trick that's now being passed on
to your contacts -- you clicked on a link you thought was sent to you by
someone you know. The malware then goes through your PC, collects your password
details, raids your contacts list and begins the whole process again.
What to Do If You've Been Hacked
You should take five key actions if you believe
your email account has been hacked:
> First, check for and get rid of any malware on your PC. Update and run your internet security software for this. If nothing is found, visit the software company's website or search the Internet for more malware-scanning tools from reputable companies.
If you haven't found any malware, download the free scanner form Malwarebytes. Although this is NOT a substitute for full-blown Internet security (as the company will tell you), it does have a good reputation for tracking down and removing installed malware that other tools miss.
> Second, change you passwords. Again, check out our earlier reports on how to create strong passwords. And follow the two golden rules: Don't use the same password for different sites, and change all of your passwords regularly. Use a password manager.
> Third, check with your email provider or social networking site for guidance on restoring or resetting your account. You may find, for example, that the crooks have already changed your password and you can't log on to your own account. You'll find links from most of the big providers on StaySafeOnline.org's Hacked Accounts page.
> Next, check your account settings. Says the FTC: "Once you're back in your account, make sure your signature and 'away' message don't contain unfamiliar links, and that messages aren't being forwarded to someone else's address. On your social networking service, look for changes to the account since you last logged in -- say, a new 'friend'."
> Finally, make sure you tell all your contacts about what has happened, as soon as possible. If you email them, use the "bcc" address field so all their details remain hidden to the others.
If you haven't found any malware, download the free scanner form Malwarebytes. Although this is NOT a substitute for full-blown Internet security (as the company will tell you), it does have a good reputation for tracking down and removing installed malware that other tools miss.
> Second, change you passwords. Again, check out our earlier reports on how to create strong passwords. And follow the two golden rules: Don't use the same password for different sites, and change all of your passwords regularly. Use a password manager.
> Third, check with your email provider or social networking site for guidance on restoring or resetting your account. You may find, for example, that the crooks have already changed your password and you can't log on to your own account. You'll find links from most of the big providers on StaySafeOnline.org's Hacked Accounts page.
> Next, check your account settings. Says the FTC: "Once you're back in your account, make sure your signature and 'away' message don't contain unfamiliar links, and that messages aren't being forwarded to someone else's address. On your social networking service, look for changes to the account since you last logged in -- say, a new 'friend'."
> Finally, make sure you tell all your contacts about what has happened, as soon as possible. If you email them, use the "bcc" address field so all their details remain hidden to the others.
How to Avoid Being Hacked
It would be better, of course, if you didn't get
hacked in the first place.
You can reduce the risks by following our password
guidance and keeping your passwords secret; using a difficult to identify
address or at least adding numbers to your address name and keeping your
security software up to date.
For more information on this FTC guidance, visit
OnGuardOnline's Hacked
Email page.
Based on article from Scambusters.org 9/13/13 .
It's really a marvellous feeling when you see your name on print. Congrats to you! Love the name of your blog!.Website designing experts bangalore
ReplyDeleteI glimpse the superlative contents on your blogs and I perfectly relish going through them. Thanks for distributing this helpful info. hold updating same way.
ReplyDeleteby LAW 421 Entire Course Provider