Thursday, February 2

What to do if your email has been ‘hacked’?

Tips to act in case our account is hacked

sara borondo

Why would a cybercriminal want access to a personal email account? For many reasons. There we store everything from personal passwords to photos, contracts, invoices, company information or even personal bank account number or credit card PIN. We are not entirely safe from these attacks, but we have the tools to combat them.

How can criminals gain control of an email account?

fake mail

It is common for them to do so through a ‘phishing’ email in which they pose as a trusted source such as the bank or the mail provider itself, which sends a false message warning that the account is compromised and must indicate the password to verify your identity. This message often includes a link that it sends to a website that asks for the password to access the email to verify any information. Neither digital stores, nor online payment services nor any company ask for email passwords.

Large scale server attacks

If criminals gain access to website user data, addresses and passwords can be exposed, which are then likely to be sold on the dark web or used by criminals who have stolen them.


Files downloaded to your computer may contain a virus that gives cybercriminals control of your machine or sends you sensitive information, such as your email password.

How to know if the account has been hacked?

When trying to enter it gives an error message because the password is incorrect.

There are messages in the ‘sent’ folder that the user has not written or forwarded to anyone.

In another email account that you have indicated to serve as a backup, you receive the notice that someone has requested a password reset.

Acquaintances or work contacts report that they have received strange emails from the email account that is suspected of being hacked.

You can check on the page if the email or telephone number are included in any of the databases that this online tool has of the data leaks detected so far.

If the service provider sends a message warning of a login on an unknown device and you have not been the owner of the account, it is almost certain that they have tried to enter.

What to do if the account has been hacked?

The first step is to try to enter it and, if possible, change the password to a new one as soon as possible. If you can’t get in, mail service providers usually include an option to recover your account. It is advisable to try it from the computer or telephone from which the email account is usually accessed, since some email providers take this into account to guarantee that whoever enters is the true owner of the account. You have to warn friends and family to be suspicious of all emails received from the hacked account in recent days and even phone calls.

Carry out the same password change operation on all the accounts you have, since the criminal is likely to try to enter them using the same password or may have asked for a password reset link and these are usually sent to other accounts of the same user.

It is highly recommended to always have an updated antivirus installed on your phone or PC. If the account has already been lost due to a virus, you should install an antivirus to clean your computer or phone from possible malware, or if you want to be safe, reset your phone or reset your computer. Finally, you have to check the personal information in the email account: that the phone number that appears and the backup email address are correct.

How to avoid account takeovers

1. Use additional security options such as including the phone in the personal information (to be able to regain control of the account if needed) or activate two-step verification if the email provider gives this option. In this way, in addition to needing the password to enter the email, you must also indicate the phone, an extra code or a verification application such as Authenticator.

Change passwords on a regular basis.

Use a different and complex password for each account. Easy-to-remember passwords whether they are numeric (12345) or alphabetic (qwerty) are the easiest to find. It is better to use random, long keys that include characters, letters, numbers, upper and lower case letters in each account or service.

Do not download email files from unreliable or unknown sources, because they may contain malware. If they are downloaded, they must be checked before opening with an antivirus.

Do not enter sensitive personal information on the pages to which you have taken a link that was in the email.

Do not enter the email from public Wi-Fi, because important information such as the password can be seen by whoever is connected to the network.

Also Read  The keys of a precocious champion

Leave a Reply

Your email address will not be published. Required fields are marked *