Email account hacked? What is to be done?

Do you suspect that your email account has been accessed and used by strangers? For example, are there suspicious emails on the email account that have nothing to do with you, mails in the outbox folder, suspicious replies to mysterious emails? We give you tips on what to do then. Our customers are also welcome to contact us. We are at your side with advice and support.

Have I been hacked?

  • Are there suspicious emails on the email account that have nothing to do with you (mails in the outbox folder, suspicious replies to mysterious emails)?
  • Do your acquaintances suddenly get e-mails supposedly from you, where they are supposed to log in somewhere or open something?
  • Does someone contact you because you allegedly bought goods online on eBay or in a webstore and did not pay? (identity theft)
  • Does your email address show up in government-secured hacking databases?
    Hasso Plattner Institute of the University of Potsdam: Identity Leak Check (available in German and in English)

Possible causes

  • The most common cause of hacked accounts is phishing mail: a fake e-mail invites you to visit a seemingly official website, where you are asked to enter your e-mail address and password, supposedly to confirm or unlock your account or something similar.
  • In addition, passwords that are too weak (1234, myname, mypet, mycompany, or similar) are a known problem.
  • It is also possible that your computer or mobile device contains a virus or Trojan that could reveal your passwords.

Measures (recommendations)

We will give you some recommendations. These are meant as food for thought to help you take the appropriate action for your own situation.

Immediate action

  • First, change the email password immediately. Secure passwords are at least 12 characters long and have upper and lower case letters, numbers and special characters ($%&.-_).
    If access to the account is no longer possible because the password has been changed by the intruder, you must contact the provider who provides and manages the e-mails.

Follow-up measures

  • If the hacked password is also used for other logins, the password should be changed there as well. It is recommended to use different passwords for all logins. Password manager programs help to keep track of them. If a bank login is affected, please inform the bank.
  • If the hacked email address is also used elsewhere for logins, which is usually the case, a new password should be set there as well. Using the usual “forgotten password” feature, the hacker could already have had new passwords sent to the compromised email address. If a bank login is affected, please inform the bank.
  • If you feel that you have other email accounts or web access with passwords that are too weak, this would be a reason to set new, better passwords everywhere.

Evaluation of the e-mails

  • If the hacked account is an IMAP account, the mail server, which contains synchronized copies of your emails, could also be affected, and those copies could have fallen into the hacker’s hands. Therefore, you should search through your emails to see whether the hacker could have intercepted credentials of yours or of your customers that were mentioned in e-mails. You can use the search function of your mail program for this purpose. If you find that your own credentials are involved, e.g. for WordPress logins, team tools, Dropbox, etc., you should change the corresponding passwords and check the system for unusual activity. If you are unsure, inform your provider. If customer credentials are involved, e.g. for the admin area, you should notify the customer so that they can take appropriate action.
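
The mailbox search described above can also be scripted. The following is an added example, not part of the original article: it scans raw messages for lines such as `Password: ...` and reports them with the value masked, so you get a list of logins to change. The keyword list and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy

# Assumed keyword list (English and German) that typically precedes a
# credential written into a mail, followed by ":" or "=" and a value.
CRED_RE = re.compile(
    r"(?i)\b(password|passwort|kennwort|passwd|pwd|pin|login|username|benutzername)\b"
    r"\s*[:=]\s*(\S+)"
)

def body_text(msg):
    """Concatenate all text/plain parts of a message (attachments included)."""
    return "\n".join(
        part.get_content()
        for part in msg.walk()
        if part.get_content_type() == "text/plain"
    )

def find_credential_mentions(raw_messages):
    """Return (subject, sender, keyword, masked_value) for every hit.

    The value is masked after its first character so the report itself
    does not become another copy of the secret.
    """
    hits = []
    for raw in raw_messages:
        msg = message_from_string(raw, policy=policy.default)
        for m in CRED_RE.finditer(body_text(msg)):
            value = m.group(2)
            masked = value[0] + "*" * (len(value) - 1)
            hits.append((str(msg["Subject"]), str(msg["From"]),
                         m.group(1).lower(), masked))
    return hits

# Constructed sample messages, not real mail.
SAMPLE = [
    "From: webmaster@example.org\nTo: me@example.org\n"
    "Subject: WordPress access\n\n"
    "Here is the admin login.\nUsername: editor\nPassword: Tr0ub4dor&3\n",
    "From: friend@example.org\nTo: me@example.org\n"
    "Subject: Lunch\n\nSee you at 12?\n",
]

if __name__ == "__main__":
    for subject, sender, keyword, masked in find_credential_mentions(SAMPLE):
        print(f"{subject!r} from {sender}: {keyword} = {masked}")
```

Every reported message points to a login whose password should be changed, and to a customer to notify if the credentials are theirs.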

Other measures:

  • For Windows: Install and run up-to-date virus scanners – and always keep them up to date. Keep the operating system and browser up to date.
  • With Apple, always use the latest operating system if possible (Mac and iPhone).
  • Occasionally recheck whether the email address shows up in the hacker databases:
    Hasso Plattner Institute of the University of Potsdam: Identity Leak Check.
  • If financial damage has occurred: possibly involve the police.

DISCLAIMER: The TBA-Berlin is not a law firm. The content provided here is for general information purposes only and does not constitute legal advice. We recommend that you seek independent legal advice before taking or refraining from taking any action based on the content provided here.

TBA-Berlin makes no representations or warranties, express or implied, as to the accuracy, adequacy, validity, reliability, availability or completeness of the information referenced herein. Your use or reliance on any information contained herein is for your personal use and solely at your own risk.

