How To Fix And Prevent A Hacked Email Account

A hacked email account is when someone else illegally logs into your account to read your email, send their emails as if they come from you and access your address book or list of contacts.

Hacked email accounts are commonly used to send out spam and viruses – including to the friends in your address book (which they will not thank you for!)

How Do They Hack My Email Account?

Online email access (such as Gmail) is growing in popularity – even if you download email into a program like Outlook or Windows Live Mail, it is very likely that your email account could also be accessed directly via a website.

For example, the email provided by your broadband provider can usually be accessed from their own webmail site too. Likewise, even if you download Hotmail into Outlook, it can also be accessed online.

All someone needs to access your account via webmail is your email address and password – they can then log in to your account pretending to be you and use it as they wish.


Hacking Your Email Password

Your email password is typically found by what is called a ‘brute force’ or ‘dictionary’ attack – a computer program throws many thousands of possible passwords at your account until it guesses right (the password is accepted) and access is then gained to your email.

Sadly this may be all too easy because many people still have email passwords that are very weak and easy to guess such as ‘password123’ or ‘123456789’…

Another possible weakness is if a user ever forgot their email password and asked their broadband provider to reset it – the provider may have reset it using the same easy password for all such requests from all their users!

So that reset password becomes very well known – e.g. I know one UK provider used to reset every such password to ‘london123’ which is likely still used by thousands of people – no need to even guess it!

That provider used to tell the user to change the password after the reset, but of course a user who had to ring them up to get the password reset wouldn’t know how to do that, so would just continue to use ‘london123’ and wonder later how their email got hacked…

How Do I Know If My Email Account Has Been Hacked?

Some of the telltale signs that your email has been hacked include:

  • Friends in your contact list receive mails from you (which may contain viruses or spam) even though you know you did not send them.
  • You receive replies to mail that you did not send.
  • Emails in your Inbox have been deleted or some emails that you did not send appear in your ‘Sent Items’ box.
  • You can no longer log into your email account because the password is not recognized (the hacker has changed the password to a new one – to stop you getting into your account and fixing it by resetting the password to lock him out).

How To Fix A Hacked Email Account?

1.  If you can still log into your account, do so now and change the password to a strong password – follow the guidelines to ‘Prevent Hacking’ below.

2.  Most accounts provide additional security options for memorable questions and answers that you can use to reset your password if you forget it – change the answers to something else. This prevents a hacker using the old answers to reset your new password to another one (giving them access, locking you out and starting the problem all over again!)

3.  If you cannot log into your account (because the hijacker has changed the password) try to reset the password using the security options for memorable answers. Then follow steps 1 and 2 above.

4.  If you cannot reset the password (because the hijacker has already changed the security options as well) contact your email provider and ask them to reset the password to allow you to access your account. Then follow steps 1 and 2 above – don’t just continue to use the password that your provider reset it to.

How To Prevent Email Hacking In Future

I can’t say this often enough – choose a strong password to make it very difficult or impossible for someone to hack your email account, even using advanced password cracking programs.

Tip: Strong passwords are important for email but the idea of strong passwords applies equally to any type of online transaction such as online banking and shopping. However, don’t use the same password on more than one website or email account because if just one is hacked then effectively they all are!

The keys to password strength are: length and complexity.

An ideal password is long and has a mix of upper (capital) and lower case (small) letters, punctuation, symbols, and numbers. Whenever possible, use at least 14 characters.

The greater the variety of characters in your password, the better. Use the entire keyboard, not just the letters and characters you use most often. For example, 12345678 and jonathan are very weak passwords (only 8 characters and all the same type), so they are very easy to guess.

However, the 14 character password ?lACpAs56I”M*s is very strong because it has lower case and upper case letters, numbers, punctuation and symbols.
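The guidelines above can be turned into a small check. This Python example is added here and is not part of the original article: it flags the weak and default passwords the article names, applies the 14-character and mixed-character rules, and estimates how many guesses an exhaustive search would need. The function names, the denylist contents and the character pool sizes (an ASCII keyboard) are assumptions of the example.

```python
import math
import string

# Passwords the article names as weak or as a known provider reset default.
KNOWN_WEAK = {"password123", "123456789", "london123", "12345678", "jonathan"}
MIN_LENGTH = 14  # the article's recommended minimum
# Assumed pool a guessing program must cover per character class (ASCII keyboard).
POOL = {"lower": 26, "upper": 26, "digit": 10, "symbol": len(string.punctuation)}

def character_classes(password):
    """Return the set of character classes that appear in the password."""
    classes = set()
    for ch in password:
        if ch.islower():
            classes.add("lower")
        elif ch.isupper():
            classes.add("upper")
        elif ch.isdigit():
            classes.add("digit")
        else:
            classes.add("symbol")  # punctuation and anything else
    return classes

def guess_space_bits(password):
    """log2 of the candidates an exhaustive search over the used classes must try.
    This is an upper bound: a dictionary attack finds common words far sooner."""
    pool = sum(POOL[c] for c in character_classes(password))
    return len(password) * math.log2(pool) if pool else 0.0

def check_password(password):
    """Return a list of problems; an empty list means the guidelines are met."""
    problems = []
    if password.lower() in KNOWN_WEAK:
        problems.append("well-known or default password")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    missing = set(POOL) - character_classes(password)
    if missing:
        problems.append("missing: " + ", ".join(sorted(missing)))
    return problems

if __name__ == "__main__":
    # The article's own examples, weakest first.
    for pw in ["12345678", "jonathan", "london123", "?lACpAs56I”M*s"]:
        bits = guess_space_bits(pw)
        print(f"{pw!r}: about 2^{bits:.0f} guesses, problems: {check_password(pw)}")
```

The denylist check matters because the size of the guess space says nothing about a password that is already widely known, such as a provider's reset default.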

See my article on how to easily test your password strength to prevent hacking if you want to be sure.

1 thought on “How To Fix And Prevent A Hacked Email Account”

  1. It’s high time that broadband providers stopped issuing their new users with a default email password that is so weak it can be cracked easily – most users will never think to change it!
