Hacked, Hijacked, Spoofed, and Spammed: What to do if your email account has been compromised.

You check your e-mail one morning and realize that there are dozens of bounced messages and e-mails from contacts asking you if the link that you sent them is legitimate.  You didn’t send a link to anyone, so what happened and how do you fix it?

What is spamming? Spamming is the distribution of unsolicited bulk e-mail.  Intentional spam is sent by individuals who are soliciting a product or business, while unintentional spam is bulk e-mail sent from an infected or compromised computer. Unintentional spam can be generated by a virus or worm that triggers e-mail distribution, or by someone actually hacking into your account, effectively hijacking your e-mail account.

What is spoofing?  E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.  To find out if the e-mail in question originated from your account, check your Sent Mail folder.
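To show the difference between a forged header and mail that really left your account, here is an added example (not part of the original post) that reads the headers of a suspicious message a contact received and compares the From domain with the envelope sender and the receiving server's SPF/DKIM/DMARC results. The sample messages, the domains, and the `triage` function are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers; example.com, mailer.invalid and
# mx.contact.example are placeholder domains, not real senders.
SPOOFED = """\
Return-Path: <bulk@mailer.invalid>
Authentication-Results: mx.contact.example; spf=pass smtp.mailfrom=mailer.invalid;
 dkim=none; dmarc=fail header.from=example.com
From: "Alice" <alice@example.com>
Subject: check this link

body
"""
HIJACKED = """\
Return-Path: <alice@example.com>
Authentication-Results: mx.contact.example; spf=pass smtp.mailfrom=example.com;
 dkim=pass header.d=example.com; dmarc=pass header.from=example.com
From: "Alice" <alice@example.com>
Subject: check this link

body
"""

def _domain(header_value):
    """Return the lower-cased domain part of an address header."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw_message, my_domain):
    """Classify a message that claims to come from my_domain."""
    msg = message_from_string(raw_message)
    from_dom = _domain(msg["From"])
    envelope_dom = _domain(msg["Return-Path"])
    # Only the Authentication-Results header stamped by the receiving
    # server is meaningful; a sender can insert a fake one lower down.
    ar = (msg.get("Authentication-Results") or "").lower()
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", ar))
    if from_dom != my_domain.lower():
        verdict = "not-your-address"
    elif auth.get("dmarc") == "pass":
        verdict = "sent-via-your-provider"  # treat the account as compromised
    elif auth.get("dmarc") == "fail" or envelope_dom != from_dom:
        verdict = "likely-spoofed"          # From header forged elsewhere
    else:
        verdict = "inconclusive"
    return {"from": from_dom, "envelope": envelope_dom, "auth": auth, "verdict": verdict}
```

A `sent-via-your-provider` verdict means the message passed through your provider's servers, which is the case where the steps for a compromised account apply; `likely-spoofed` means only the From header was forged.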

What to do if your email account has been compromised:

  1. Change the password to your email account and any accounts linked to it, such as Facebook or PayPal.  It’s best to use a combination of numbers, letters, and symbols, and don’t keep a universal password for all of your accounts.
  2. Create a sign-in seal.  This is linked to your computer, not your email account, so someone attempting to access your email account through a different computer will need to answer security questions.
  3. Change your security settings.  Log in to your account settings, and change your password hints, reset information, and linked accounts.
  4. Make sure that your virus scan program is up-to-date.  AVG is my personal favorite.  Not only should you run a virus scan on a regular basis, you should also have an anti-malware program, such as Malwarebytes, to scan for malicious adware.
  5. Create a second email account and use it for online registration and ordering.  Don’t use your personal e-mail account for online registrations or purchases, forms, or mailing lists.  Keep a spam account solely for this purpose.