{"id":8273,"date":"2022-01-20T12:00:00","date_gmt":"2022-01-20T10:00:00","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/2022\/01\/20\/how-to-know-if-your-email-has-been-hacked\/"},"modified":"2022-01-20T12:00:00","modified_gmt":"2022-01-20T10:00:00","slug":"how-to-know-if-your-email-has-been-hacked","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2022\/01\/20\/how-to-know-if-your-email-has-been-hacked\/","title":{"rendered":"How to know if your email has been hacked"},"content":{"rendered":"<p>Email has been with us for decades. And while social media and mobile messaging apps are increasingly popular, it remains the mainstay of our personal and professional communications. There <a href=\"https:\/\/www.statista.com\/statistics\/255080\/number-of-e-mail-users-worldwide\/\">are an estimated<\/a> 4.1 billion email users globally today, with 306 billion emails sent and received every day last year. We use it for everything from sending pictures and keeping up with friends, to interacting with essential healthcare, banking, government and other services.<\/p>\n<p>Yet email is also a honeypot for malicious activity. By hijacking our accounts, hackers can monetize attacks in a variety of ways to line their own pockets. For the victim, it can be a stressful and bewildering experience.<\/p>\n<p>In this article, we look at:<\/p>\n<ul>\n<li>how to check if you have been hacked<\/li>\n<li>how to recover your email account<\/li>\n<li>what you can do to avoid falling victim again.<\/li>\n<\/ul>\n<h2>Why would someone want to hack my email?<\/h2>\n<p>Cybercrime <a href=\"https:\/\/cybersecurityventures.com\/hackerpocalypse-cybercrime-report-2016\/\">costs the world trillions annually<\/a>. A great deal of this revenue comes from monetizing stolen data, which many of us don\u2019t realize is often stored in our email accounts. We might have sent bank statements to our accountant. Rental agreements containing contact details. Or highly sensitive data to our lawyer.<\/p>\n<p>This information could be harvested by an attacker and used against us, to elicit more information, in <a href=\"https:\/\/www.eset.com\/uk\/types-of-cyber-threats\/phishing\/\">phishing attacks<\/a>, or leveraged directly to carry out <a href=\"https:\/\/www.eset.com\/uk\/types-of-cyber-threats\/identity-theft\/\">identity fraud<\/a>. Some 49 million Americans lost a total of around $56bn to identity scammers <a href=\"https:\/\/www.businesswire.com\/news\/home\/20210323005370\/en\/Total-Identity-Fraud-Losses-Soar-to-56-Billion-in-2020\">last year.<\/a><\/p>\n<p>Cybercriminals might also want to get your email account and log-ins in order to:<\/p>\n<ul>\n<li>Carry out <a href=\"https:\/\/www.welivesecurity.com\/2019\/04\/10\/credential-stuffing-attacks-login\/\">credential stuffing<\/a>. They\u2019re betting that you will use the same log-ins on other accounts, and so use automated software to try and open them too<\/li>\n<li><a href=\"https:\/\/twitter.com\/christorres630\/status\/1466232337713319948\">Reset your other accounts<\/a>. Most websites email a reset link to click on, which an account hijacker will be able to access and use to change passwords on your other accounts<\/li>\n<li>Send spam\/phishing\/malicious emails to all of your contacts<\/li>\n<\/ul>\n<blockquote><p><a href=\"https:\/\/twitter.com\/SCSEagles1\/status\/1483850953212243972\"><\/a><\/p><\/blockquote>\n<p>There are a few ways hackers could get your account details. They could send a phishing email directly, tricking you into believing it came from a legitimate source \u2013 potentially even your email provider \u2013 and requesting you \u201clog in\u201d again. Alternatively, they might also be able to:<\/p>\n<ul>\n<li>Guess or brute force your email password using automated software<\/li>\n<li>Steal your email and log-in combination from a company you\u2019ve registered with in the past. Although the password may be encrypted, the algorithm can sometimes be cracked<\/li>\n<li><a href=\"https:\/\/www.welivesecurity.com\/2022\/01\/05\/5-ways-hackers-steal-passwords-how-stop-them\/\">Steal your password<\/a> if you\u2019ve been logging in on public Wi-Fi or a shared computer<\/li>\n<li>Steal your details via malware downloaded to your machine (usually via a phishing email)<\/li>\n<\/ul>\n<h2>How can I check if my account was hijacked?<\/h2>\n<p>The first step towards recovering your account is finding out what happened. Some common signs that your email has been hacked include:<\/p>\n<ul>\n<li>Emails in your sent and inbox that you don\u2019t recognize<\/li>\n<li>The password <a href=\"https:\/\/twitter.com\/LESbOxKiNg\/status\/1468261741364715524\">has been changed<\/a>, locking you out<\/li>\n<li>Friends complaining of spam coming from your email address<\/li>\n<li>Receiving multiple password change requests from other websites and apps<\/li>\n<li>Your email provider notifies of multiple logins from unfamiliar IPs and locations<\/li>\n<\/ul>\n<p><a  href=\"https:\/\/web-assets.esetstatic.com\/wls\/2022\/01\/email-1.png\" data-rel=\"lightbox-gallery-0\" data-rl_title=\"\" data-rl_caption=\"\" data-magnific_type=\"gallery\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"\" height=\"492\" src=\"https:\/\/web-assets.esetstatic.com\/wls\/2022\/01\/email-1.png\" width=\"639\"><\/a><\/p>\n<p>If you want to double check, try <a href=\"https:\/\/haveibeenpwned.com\/\">HaveIBeenPwned.com<\/a>, which runs an extensive database of breached email and mobile phone accounts you can check against.<\/p>\n<p>Additionally, Google, for example, enables you to <a href=\"https:\/\/support.google.com\/mail\/answer\/45938?hl=en-GB\">review your recent account activity<\/a> or perform a \u201c<a href=\"https:\/\/myaccount.google.com\/security-checkup\/6?hl=en\">Security Checkup<\/a>\u201d, which includes recent activity such as new sign-ins. Other major email services provide similar options, as well as offer step-by-step guidance for <a href=\"https:\/\/support.google.com\/accounts\/answer\/6294825?hl=en\">recovering<\/a> a compromised account (<a href=\"https:\/\/support.google.com\/accounts\/answer\/7682439?hl=en\">Gmail<\/a>, <a href=\"https:\/\/help.yahoo.com\/kb\/SLN2090.html\">Yahoo Mail<\/a> and <a href=\"https:\/\/support.microsoft.com\/en-us\/office\/my-outlook-com-account-has-been-hacked-35993ac5-ac2f-494e-aacb-5232dda453d8\">Outlook.com<\/a>).<\/p>\n<h2>How do I stop my email account from being hacked again?<\/h2>\n<p>Going through the experience of having an email account hijacked reminds us all just how much we use these apps every day. The good news is there are plenty of things you can do proactively today to prevent the same thing happening again. These include:<\/p>\n<ul>\n<li>Change your email passwords and any others you\u2019ve reused on other sites<\/li>\n<li>Switch on multi-factor authentication (MFA), which will mitigate the risk of password theft<\/li>\n<li>Run a full computer scan to ensure there\u2019s no malware on it<\/li>\n<li>Don\u2019t fill any personal or log-in info online if you receive an unsolicited request to do so (via email, text, social media etc)<\/li>\n<li>Don\u2019t log-in to email on public Wi-Fi or a shared computer<\/li>\n<\/ul>\n<p>Following a serious incident, it might also be useful to reach out to your main contacts (using blind carbon copy aka BCC), or even via <a href=\"https:\/\/twitter.com\/bobbynash\/status\/1468086181145595912\">social media<\/a>. If you\u2019re concerned, also inform your bank. At any rate, stay calm and learn from the experience.<\/p>\n<p class=\"wls-source\"><a href=\"https:\/\/www.welivesecurity.com\/2022\/01\/20\/how-know-if-your-email-hacked\/\" rel=\"nofollow noopener\" target=\"_blank\">Read the full analysis on WeLiveSecurity \u2192<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Think your email may have been hacked? Here are the signs to look for, how account takeover attacks commonly occur, and how to recover your account and avoid falling victim again<\/p>\n","protected":false},"author":5,"featured_media":8274,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[155],"tags":[],"class_list":["post-8273","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-how-to"],"acf":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=8273"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8273\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/8274"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=8273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=8273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=8273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}