When your email gets hacked, follow these steps

Although most people are by now aware of what kind of emails appear authentic and what kinds do not, you shouldn’t take this lightly. A compromised email means that the hacker is one step closer to stealing a lot of your personal information.

Think about what kind of information you usually store in your emails: passwords, personal photos and videos, sensitive work details, sometimes even passwords to other sites. If your email account has been hacked, you should act quickly to make sure they don’t get your other important information.

Follow these steps to keep yourself safe and ensure it won’t happen again.

#1: Get back into your email

When your email has been hacked, there’s usually two options: either the hacker left your password unchanged, or you’re now blocked out of your own account.

For the most part, hackers leave the passwords unchanged, so the first important step for you to do is to log inside your own email account. For the second choice, simply click on ‘Forgot Password’ and reset your password.

Now that you’ve got your own account, immediately change your password. It shouldn’t be ‘password’ or ‘mommylovespuppy.’ Your password needs to be strong. Try this trick: if you agree with the statement “I love to take my dog for a walk every morning” and can remember it, turn it into 1l2tmd4awEVm (replacing I with 1, to with 2, and for with 4). Or you can use any variation thereof that mixes uppercase, lowercase and numbers.

Even more, use two-step authentication, so that whenever you enter a site from a new location, your email client will send you a code by text message or through an app. That way, if you’re in Chicago and someone tries to log in from Moscow, they won’t get in without your code.

#2: Make sure nothing else has been compromised

Immediately after you get control back of your hacked email account, change the passwords on all your other accounts. That includes Facebook, Amazon, Twitter, LinkedIn, and of course your banking accounts. This is especially important considering that the hacker can use your email account to gain access to your other accounts. They just use the ‘Forgot Password’ feature on those accounts, which will send a verification to your email account.

In order to check this, go through your Spam and Trash folders on your hacked email account and see if there’s been any password reset emails.

#3: Check your email settings for spam

It’s possible that, even after you’ve recovered your email, hackers altered your settings in various ways. One way is to automatically forward your emails to another account, so that the hacker can see what emails you’re receiving. You’ll need to go through your forward settings and see if anything has been altered.

Another thing hackers may do is change your signature or out-of-office reply. They may have added a link to your signature or out-of-office reply, so that anyone you send emails to will click on the links and visit those malicious sites.

#4: Ensure it won’t happen again

Now that you’ve recovered your hacked email account, you want to make sure it doesn’t happen again. As I mentioned above, the first good defense is a really strong password. The best passwords are a random string of characters totaling 16 or more—but of course, they are extremely hard to remember. For great security with not much memory required, get a password manager like NordPass.

Besides that, you should use only private networks. Many people get their information stolen while on holiday. They log in into the free Wi-Fi in the hotel lobby or at a coffee shop, library, or other public places and get compromised. Read our earlier blog post about how to protect yourself from what’s known as evil twin hotspots, fake Wi-Fi hotspots set up to steal your data.

Related: How to send an anonymous email

Another option, instead of avoiding all free Wi-Fi, is to use a VPN, such as NordVPN’s. It has great features with flexible pricing. It works by creating a secure connection to a server in a location of your choice, so that all your communications go through there. That means, even if someone is snooping to catch your data, seeing as all your information is encrypted, they’ll just end up getting gibberish.

Remember, however, all the best tools and services are available to help you. However, they can’t help you if you have easy, weak passwords or engaging in risky behavior, such as posting too much personal information on social media.

The best way to protect your personal information is to practice vigilance.

Has your email ever been hacked? What did you do? Let us know in the comments below!