Email is one of the most common forms of web communication these days.
More importantly, you probably connect everything from online banking to other online portals with your email address, making it creepier if targeted by hackers. And there’s the worst-case scenario: identity theft, which happens to millions of Americans every year.
Then how to check if your email account has been hacked? And what remedial actions should be taken if it is compromised? In this article, we’ve got you covered!
In this article:
- How do I know if my email has been hacked
- How does an email get hacked
- My email has been hacked how do I fix it
How do I know if my email has been hacked
There are some signs of a hacked email account. Below are some of the common ones that should make you suspicious.
1. Strange emails in the “Sent” folder that you didn’t send
When your email account got hacked, the attacker would probably want to commandeer your account, trying to send spam emails in your name to your contacts. So you can check your “Sent” folder to see if there are any emails you didn’t send.
2. Different IP addresses showing up on your log
Another sign of a hacked email account is that there are different IP addresses showing up on your log. Email service providers like Gmail and Outlook keep a log of IP addresses that accessed your email account. To check for suspicious logins on your Gmail or Outlook account, you can follow the simple step-by-step guide.
How to check the recent activity of your Gmail account
To view your Gmail login history and find out if there is an unusual sign-in to your account, follow the steps below.
1) On your computer, open Gmail.
2) Click Details next to the Last account activity line at the bottom of any Gmail page.
3) Now you’ll be directed to the recent account activity page showing your sign-in records, including the information of Access Type, Location (IP address), and Date/Time.
Here you’ll need to know the specific devices you used to access your Gmail account, the browser you used, the IP addresses from which you accessed it, along with the exact dates when you logged in.
If there are any activities you can’t recognize, someone may have access to your account and you should immediately change your password.
1) Open your Google Account. You might be required to sign in.
2) On the left navigation panel, select Security. Then from the Signing in to Google section, click Password.
3) Enter the password to verify it’s you. If you can’t remember the password, click Forgot password? and follow the on-screen instructions to reset your password.
4) Then create a new password.
What’s considered a strong password is that it is at least 12 characters long and includes a mix of numbers, special characters, upper case letters, and lower case letters. If you don’t feel like managing every single complex password for various accounts, you can use LastPass to generate a strong password and help you store passwords, user login info and credentials.
How to check if there’s an unusual sign-in to your Outlook account
If the system notices a sign-in attempt from a new location or device, they’ll send you an email and SMS alert to help protect your account. Or you can check the recent activity page to find out if someone was logging into your account.
1) Go to the Recent activity page.
2) Sign into your Microsoft account by following the on-screen instructions.
3) This page shows you when and where you’ve used your Microsoft account within the last 30 days.
If there’s only a Recent activity section showing up on this page, you don’t need to verify any activity.
However, if an Unusual activity section appears on this page, you need to confirm whether it was you or not. If it wasn’t, change your password to secure your account.
1) From the top navigation menu, select Security. Then click on Change password.
2) Enter the information as required into the box and save your new password.
If you can’t figure out a strong password, consider using a password manager, LastPass to help you do the work. It’s a closed source password manager that uses military-grade AES-256-bit encryption.
3. Account information found on the Dark Web
Due to data breaches and cyber-attacks, there’s a good chance that your email address and password have been leaked to the Dark Web and available to the hackers. If this sounds unfamiliar to you, check the video down below.
Having your information exposed to the Dark Web is creepy. So you should run a free Dark Web scan to verify if that’s your case.
You can try running a scan on Aura, an Identity Protection Service that is rated #1 on security.org. Running a Dark Web scan is totally free, by which you can check if information tied to your email has been exposed and you’ll be provided with a report of known exposed information and recommendations for protection, when available.
All you have to do is enter your email address into the search box and click View Results.
How does an email get hacked
Now you’ve already known how to check if your email account got hacked, you probably will want to understand how it was hacked. Below we’ve outlined some of the situations where you’re more likely to fall victim to email hacking.
1. You’re using a weak or easy-to-guess password
It’s surprisingly common that a number of people still use passwords that are highly predictable. If you’re using an email password that is relevant to some clues like your name and birthday, it cannot thwart brute force and dictionary attacks. These are some of the top password-cracking techniques used by hackers.
2. You were tricked by a phishing attack
There is a good chance that you received a phishing email and were tricked into giving your personal information by clicking on a link or opening an attachment that contains viruses and other malware.
To prevent yourself from falling victim to fraudulent emails, you should learn how to spot them. Below we’ll outline some of the tell-tale signs of a phishing email.
- Generic subject line
Usually, legitimate emails have detailed subject lines. If the one you received has a vague subject line, stay vigilant. It can be a key indicator of a phishing scam.
- Public email domain
If the email was sent from a public domain email address, such as @gmail.com, chances are you’re being phished. Emails from legitimate businesses should come from an address associated with its official domain name. For example, Instagram’s contact email firstname.lastname@example.org.
- Unnecessary urgency
Attackers usually create a sense of urgency, informing users to take quick action, such as a password change. Additionally, they usually include a link to an illegitimate website that looks exactly like the legitimate version. When you click on it, you might be prompted to enter your credentials. Upon submission, the information you just entered will be sent to the attacker.
However, you should always remember that no matter how urgent this email appears to be, you always have time to consider whether the request makes sense. It’s critical to keep in mind that it is their tricks that they threaten you with fines or other negative consequences.
- Bad grammar/spelling
You can be reasonably confident that this is a scam if you can find many spelling mistakes or grammatical errors. They usually hint that this email isn’t coming from a reputable source.
3. Your personal information has been exposed in a data breach
Unfortunately, there are side effects of this modern, internet connected world, one of them being the data leaks. When a data breach occurs, hackers gain access to the database of a service or company. Your information, ranging from email address, username, and password to Social Security Number, can be stolen.
To check if their email account has been compromised in data breaches, you can check on Have I Been Pwned, a free-to-use service. What you have to do is enter the email address and hit Enter. Then it will tell you if your account information has been exposed.
4. You were using a public Wi-Fi that is not encrypted
If you love using public Wi-Fi, you’re prone to cyber-attacks. Public Wi-Fi that lacks encryption makes it a breeding ground for cybercriminals to access your private data, and potentially steal your identity.
If you have little choice but to use public Wi-Fi in some situations, use a VPN to protect against public Wi-Fi hacking. A VPN secures the IP address of your device and prevents web browsers and unwanted visitors from accessing your data.
5. You were not logging out after using a public PC or device
Sometimes, you might need to sign into your accounts on a public PC. If you forgot to log out afterward, however, your account is at risk of being taken over. What’s more, public PCs could be infected with malware or spyware, making you more vulnerable to attacks.
My email has been hacked how do I fix it
1. Regain access to your account
If you still have access to your email account, change the password immediately.
If you’re locked out, recover your account by clicking on the link below based on the email service provider you’re using. Then follow the on-screen instructions to regain access.
2. Notify your contacts
To prevent serious harm to your contacts, you need to alert them that your email account has been hacked. And ask them to remain vigilant and pay close attention to any suspicious emails.
3. Contact your banks and credit agencies
Review your credit report to check whether there is an unexpected drop in your credit score. Also, you should check if there is unusual activity in your bank statements. If there is, contact your bank immediately and inform them of the situation.
4. Scan your device for malware and viruses
To be extra safe, you should use some antivirus software like McAfee and Avast in case there is any lingering malware or spyware. In addition, they get automatic updates to provide protection against the latest viruses and other types of malware, which can give you peace of mind.
That’s it. Hope you find this article helpful. If you have any ideas or questions concerning email hacking, feel free to write them down in the comment section below. We’ll get back to you ASAP.