Having trouble logging into your email, seeing weird messages in your sent folder or getting login alerts from strange locations? Bad news: Your email may have been compromised.
Email is one of the most popular and effective forms of communication today. Unfortunately, since we now send so much information via email, our accounts are valuable targets for bad actors to attack.
Recognizing different types of cyberattacks can help you determine whether your email has been compromised and how to take action afterward. Keep reading to learn more about cyberattacks and what you can do if you suspect your email has been compromised.
What does a ‘compromised email address’ mean?
A cyberattack is an attempt to gain illegal access to someone's email or computer system to cause damage or harm. If an unauthorized person acquires your account credentials — aka your username and password — or otherwise gains access to your email, your account is considered “compromised,” or no longer secure. If that person accesses your email, they can see every piece of information you've sent or received, including sensitive details like your Social Security number or phone number. It can also give them access to other platforms, your contact list and confidential documents. If you use the same credentials for other accounts — which many people do, though it’s not considered a safe practice — they'll also have access to those.
If your email is compromised, you should consider taking immediate steps to fix the problem and protect yourself. For instance, you should report your email breach to the Internet Crime Complaint Center (IC3). The IC3 is an organization run by the FBI that monitors and responds to internet crimes.
In 2022 alone, the IC3 received over 800,000 consumer complaints addressing a wide array of internet scams, including compromised email accounts, phishing attempts, extortion, personal data breaches and more.
5 signs your email has been compromised
Knowing the signs of a compromised email account can help you determine whether you've been hacked. If you can spot these signs, you'll be able to take steps to protect yourself. Here are five indicators that your email may have been compromised:
1. You're receiving password reset emails that you didn't request
Consider the number of accounts that are connected to your email, including:
- Bank accounts
- Credit card accounts
- Social media accounts
- Retail accounts
When you sign up for a service, the company generally requests your email address for login and communication purposes. If a hacker gains access to your email, they might request password changes to your accounts to take control of them.
Needless to say, you should only receive password resets for your accounts if you requested them. If you begin receiving these requests without asking, it can be a sign you may have a compromised email account.
2. You can't access your email account
Similarly, a hacker often changes the password to an email account after breaking into it. If they do this, your existing password will no longer work, and you could lose access to your own account. To prevent being locked out, you'll want to follow email security best practices and set up a recovery email and phone number. In the event your email account is hacked, your service provider can contact you through these backup channels to recover your access.
3. Your friends and family ask about emails that you didn't send
When people you know receive strange emails from you, they may ask you why or if you sent them. In this case — if your friends or family get emails from your account that you didn't send — there's a good chance your account is compromised.
4. Your sent folder contains emails that you didn't send
If you suspect your account was hacked, you can browse your sent folder. If you see emails you didn't send, you should question how they got there. This suspicious activity can let you know that you have a compromised email account.
5. You see IP addresses you don't recognize on your email activity log
Email providers generally offer a way to see the IP addresses associated with your email. Look for this feature in your account settings, and check it periodically. It reveals the location, device and browser for all the login records associated with your account. If you see unfamiliar locations or suspicious activity, a malicious actor may have gained access to your account.
How do emails get compromised?
Emails can be compromised in several ways, but understanding the types of cyberattacks can help you protect yourself and take preventative measures. Here are six common ways your email account can be compromised:
Email phishing attacks
Email phishing attacks involve credible-looking emails that purport to be from organizations you trust, such as your bank or credit card company, that are actually messages designed to trick you into providing sensitive information to a hacker.
For example, a phishing email might ask you to click a link to verify personal information in a quote-unquote “routine procedure” for your account maintenance. Once you provide the data, a hacker can open new accounts in your name. Learning how to spot a phishing email can prevent you from falling for this.
Hacked Wi-Fi networks
Email hackers can also break into accounts through home Wi-Fi networks. If someone hacks your home network, they may be able to access the information on devices linked to that network.
Logging into a public Wi-Fi network can also make your account vulnerable to exploitation. For example, do you ever bring your laptop to a local coffee house to work? If so, you'll likely sign into the cafe's Wi-Fi network for internet access. Public Wi-Fi networks are a haven for hackers because they can tap into them and steal the information of people who are logged in. As such, you should use caution when signing onto any public network.
Devices infected with malware
Malware is software hackers can use to damage devices and steal information. If your device is infected, someone may be able to access your login credentials and other sensitive information. Hackers often place malware in email attachments, links, pop-ups and websites. All it takes is one wrong click.
Forgetting to log out of public devices
Do you ever visit a library or store and use its computers? If you check your email on public devices and fail to sign out when you're finished, you risk being compromised because whoever comes next can access your account.
Weak or repeated passwords
Remembering the login details to all your accounts can be challenging, which is why many people reuse passwords. Unfortunately, weak or repeated passwords can make it easier for hackers to access your accounts. Just think: If they steal login credentials to one account, and those credentials apply to many, you’ve just given them extra access. Use strong, unique, hard-to-guess passwords and change them often to prevent this problem. This is one of the best ways to learn how to protect yourself online.
Data breaches are increasingly common occurrences. In 2021, publicly disclosed data breaches exposed upwards of 22 billion records. If you're involved in a data breach, a bad actor could use your information to gain access to your email or even carry out identity theft.
My email has been hacked. How do I fix it?
If your email is compromised, what do you do? The bad news is the hacker may already have some of your personal details. The good news is you can fix the problem. Here are a few steps you can take to secure your account.
1. Access the account. If your password no longer works, try using your recovery email or phone number. You can also work with your email provider to verify your identity and (hopefully) remedy the issue.
2. Change your passwords. Create strong passwords with letters, numbers and symbols, and use a different password for every account. If your accounts have email security questions, change these, too. Choose more difficult questions, and make sure that you're the only one with the answers. If you struggle to remember multiple passwords, a digital password manager can store your passwords in an encrypted database. Password managers are convenient and secure as long as you choose a reputable service and select a strong master password.
3. Set up multi-factor authentication. With this feature, even if a person obtains your password in the future, they'll be unable to log into your email without passing a secondary verification step. This step could be a text with a code sent to your phone or biometrics using your fingerprint or facial recognition.
4. Install antivirus software. This email security software can locate and remove malware, viruses and other harmful software, helping you prevent further issues. Unfortunately, antivirus software can’t detect and prevent every virus — but it can be beneficial if you choose a reputable provider and use it in combination with other steps.
5. Use a virtual private network (VPN). A VPN can be a more secure way to connect to the internet. By encrypting your connection, a VPN can hide your IP address from others and protect your sensitive information. Although they sometimes decrease your internet speed, VPNs can prevent hackers from tracking your online activity or stealing your login credentials.
6. Report the attack. If your email has been hacked, you should consider reporting this as fraud through the IC3 website. If the hacker stole your identity or caused financial harm, you can also report the problem at identitytheft.gov and set up credit-monitoring services. These services help you watch your credit report and detect identity theft issues immediately.
How to password-protect emails
Every email account needs a strong password, but what about every email itself? Many providers will now allow you to password-protect individual emails, adding an extra layer of security to protect sensitive or confidential information.
To password-protect a single email, you must create a password, passphrase or private key for that specific message. When a recipient receives your message, they must enter that password to open it. Every email service provider has a different method for password-protecting emails. For example, Gmail has a confidential mode, Outlook has an “encrypt" option, and Proton mail has an external encryption button.
What is the most-hacked email provider?
Choosing a safe and well-regarded provider is one of the top email security solutions. As a result, it’s essential to learn which email providers offer the highest and lowest levels of security.
Gmail is one of the most popular web-based email providers; however, that doesn’t automatically mean it’s the most secure. For instance, Gmail doesn't provide end-to-end encryption, a method of secure communication that prevents hackers from accessing the information in your email as it travels through your server. (Gmail is also owned by Google, a massive company with a history of data breaches.)
Unfortunately, most email providers experience data breaches from time to time. For example, Yahoo experienced major breaches from 2014 through 2016, and Microsoft 365 encountered issues during the COVID-19 pandemic.
Your best bet is to choose an email provider with extensive security features, such as end-to-end encryption. Additionally, you should find a provider that offers Sender Policy Framework (SPF). This tool takes the authentication process a step further by blocking messages from IP addresses you haven't validated.
What is ‘business email compromise’?
Business email compromise (often referred to as BEC) is similar to consumer email compromise, but instead of an attacker fraudulently accessing your personal email account, they target an organization. The scammer poses as a trusted member or partner of the business and uses emails to request information.
For example, the attacker may email a fake invoice to trick the company into paying money. They might ask an employee to purchase gift cards or update bank information to route payments to the scammer. Because they typically impersonate someone you know or have no reason not to trust, these can be very effective scams.
Between 2013 and 2022, the IC3 received over 137,000 BEC complaints, and the total exposed dollar loss reached more than $17 billion.
Summary of Money's guide to follow if your email has been compromised
Has your email been compromised? If so, you can use the resources and information provided here to respond appropriately. If you haven't experienced a compromised email, you can take the necessary steps to prevent it from happening. Learning the signs can help you detect cyberattacks quickly, and taking preventative measures (including getting an identity theft protection service) can help you avoid long-term consequences.