What to Do if Your E-mail Account Gets Compromised

Symptoms:
People listed in your e-mail contacts report being flooded with spam messages sent from your account. Or, you start receiving a bevy of "bounced" e-mails from random addresses you don't know. You aren't able to log into your account or change its settings, or you've discovered the settings have been altered. You attempt to use e-mail, and find it has been blocked by your provider.

Diagnosis:
Start with the obvious: If your password no longer works for your e-mail account (and it's definitely the correct password), you can be almost certain that someone else has taken control of it. And if your e-mail provider has blocked you completely, it's probably because your account was spewing out spam by the millions, forcing your provider to shut it down until you regain control. This is a good thing, and you'll get it back. Likewise, learning from friends that your account has let loose a firehose of spam (which sometimes can be verified by checking the Sent messages folder in your account) pretty much confirms that some scumbag has figured out your password. Losing control of your mail and password combo can be especially calamitous if, like far too many people, you use the same ones for all the online sites and services you use, such as social networking, banking and PayPal. Even the dumbest hacker will do a quick e-mail search in your account to scrape for login info on other sites, and, in no time, will assemble a pretty good portfolio on you. Depending on the ambition and skill set of the hacker, on the time between when your account was compromised and when you discovered it, and on how secure your various online accounts are, your level of pain may fall anywhere between minor annoyance to personal and financial meltdown. Time is of the essence, and don't underestimate how deep this thing can go.

Bounced messages are the digital equivalent of "return to sender, address unknown." On their own, bounced e-mails from strangers usually mean that a professional spammer has been sending spam with your e-mail address in the reply-to field (a process called "spoofing"), and hasn't actually breached your e-mail account. It's a crucial difference; having your account password compromised means your entire collection of e-mail correspondence has been exposed, while a spammer spoofing your address doesn't actually control anything. Unfortunately, while it's often possible to take back control of an infiltrated e-mail account (see below), once a spammer begins spoofing, you have no real recourse.

Causes:
While there aren't any hard and fast figures on what the number one cause of e-mail infiltration is, the overarching theme usually points to one extremely weak link: user behavior. Despite the many ways an e-mail account can be hacked, the one common element is that you, the owner, essentially allow it.

Every few years, studies show that the one reason spam is still so prevalent is because it actually works -- a percentage of knuckleheads can always be expected to open a spam message, read it, and be tempted by whatever wares or schemes are offered. Of course, many of those e-mails (and sometimes pop-up windows from strangers on IM, Skype and similar apps) are actually phishing attacks that dupe recipients into believing they've been sent a legitimate message from a business or friend. Naive users will then reply with the requested login information.

A fair number of people also think nothing of checking their e-mail on a public computer -- in a library, electronics store or Internet cafe -- and simply neglect to log out. It's a momentary lapse of reason (particularly since we don't recommend checking e-mail on any public computer), and can be the equivalent of walking away from an ATM right after entering your password.

The other gargantuan user misstep is having weak, easily determined passwords, or using the same combination of login e-mail addresses and passwords across different sites. If a hacker breaks into one site, they can quickly try the same logins on all the popular sites -- to potentially devastating effect. But, before you beat yourself up, it's also possible that your login information has been stolen because your PC, or one you've used, has been infected with spyware or some other assorted malware. (See our related story for more info.)


Treatment:
Depending on the kind of hack you've been dealt, the treatment may be as simple as logging in, and changing your settings and password. Or it may entail agonizingly repeated attempts to lock out a persistent hacker, potentially killing off your account altogether. But you should never just give up and ditch the account without trying to deal with it first.

If you aren't able to log in, you're likely going to have to go through some frustrating hoop jumping. Conveniently, Twitter's help page has a handy list of links for all the major e-mail services' support pages.

Each service has its own method for determining that you are who you say you are, and are not the person who hacked -- or is planning to hack -- your account. Besides pre-set security questions, they may ask specific details about messages you've sent, and even the exact day you set up the account. If you don't have a copy of your initial registration e-mail, try contacting a close friend whom you would have e-mailed at the time, and ask them to dig into their archives for your early missives.

If you can log in:

Make sure your PC is current with OS updates and anti-virus/malware software. Otherwise, if it has been infected by malware that spies on you, it will continue to transmit your info to whichever hacker has infiltrated your accounts. If you aren't completely sure your PC is clean, then don't do any of the following. Any changes you attempt to make could be forwarded on by malware, too.
Depending on how your account has been abused, you may not need to contact everyone spammed by your hacked e-mail. (Your scam-savvy friends will recognize bogus messages as spam.) But, if there is a personal appeal for money -- saying you're stuck traveling and need cash, or are hurt and in a hospital -- or if malware was attached, you should send word to your contact list to delete those messages ASAP.
Set up at least two new e-mail addresses. Use your original e-mail address for personal or business communication as you'd normally do. The secondary e-mail address is insurance against future hacks; use it to communicate with your service provider, since many now ask for an alternative address as added protection. Then, use a third e-mail address only for registering for sites, newsletters, online shopping and other services. It may seem paranoid and excessive (hey, that's us!), but the idea is to compartmentalize your online life a bit. That way, each "world" has its own discrete e-mail account, and will minimize the damage that can be done by any future hacks. Most importantly, though: use a different and strong password for each account -- one that is at least six characters long, and is a combination of letters, numbers and capitals/lowercase. It sounds difficult, but it isn't. It'll help prevent any hacker from gaining access to all of your data simply by infiltrating one site.

On a secure PC, log into your e-mail and then check whether or not any of the settings have been changed by a hacker. Smart hackers may set your account to notify them of any changes, so that they can go back in and switch things again. Check whether or not a signature has been added, and whether your account has been set to forward e-mail to another address that isn't yours or to run a filter that automatically forwards e-mails or attaches a file. If any of those settings have been altered, delete the new settings.
Once you have changed the settings, create a new password, and add your secondary e-mail account as your alternative address.

Going forward, never list your main e-mail address publicly anywhere online -- in forums, in online ads, on blogs or any place where they can be harvested by spammers. Use only your "registration" address, and keep it separate from your main address book.

Don't use public computers to check e-mail; there's virtually no way to know if they are infected with malware accidentally, or have keylogging spyware installed intentionally. But if you absolutely must use e-mail on a public computer, set up an extra account before you leave and change the password regularly.

my bag stolen

Hope you get this on time, I made a trip to Swansea,Wales and had my bag stolen from me with my passport and credit cards in it. The embassy is willing to help by letting me fly without my passport, I just have to pay for a ticket and settle Hotel bills. Unfortunately for me, I can't have access to funds without my credit card, I've made contact with my bank but they need more time to come up with a new one. I was thinking of asking you to lend me some quick funds that I can give back as soon as I get in. I really need to be on the next available flight.


I can forward you details on how you can get the funds to me. You can reach me via email or on Blue Island hotel front desk phone, the numbers are, +447031804805 or +447031804806.

I await your response...

azizan shaari

CONFIDENTIAL

Dear Sir/Madam,

CONFIDENTIAL

Compliments of the season to you. I know we have not met before, but my proposal calls for an emergency alert which gives me no room for much protocol but to hit directly.

My name is Barr. Jaime Ivan (Esq.) of Jaime Ivan Chambers & Associates. There is a client of mine, a Libyan who was killed along with his family during the Libya Civil war. His name is Mohammed Ali al-Attiyah from Misrata District in Libya, an oil business magnate who worked for National Oil Corporation in Libya for many years until his death.

Before his death during the civil war in Libya, he deposited two trunk box containing the sum of USD $8M (Eight Million United States Dollars) and 1000 Carats of Uncut Diamond known to me in April 13th 2009, in a confided Safe Security Company here in Spain. Recently as I was checking his documents file with me in my office and from my enquiries and investigations from the Safe Security Company, I discovered that he has no next of kin registered to claim this consignment due to some high co-operate security secrecy surrounding the consignment.

Furthermore, it is also unknown to the Safe Security Company the real content of the deposited consignment with them as cash; he did not declared the content of the two boxes as foreign currency but as Diplomatic Documents and Confidential Co-operate Treasure/ Valuable documents which we must uphold in the process of filling the claim of this consignment. As his representing legal adviser and the only legal person known to the Safe Security Company, I have in my custody all the legal deposit documents that cover this deposit which I will immediately use your personal details to replace as the next of kin and business co-operate to late Mohammed Ali Al-Attiyah.

Upon receipt of your response, I will immediately tender to the Security Company a letter informing them to immediate release the deposited consignment in your name as the heir inheritor/next of kin and business co-operate to late Mohammed Ali Al-Attiyah. Therefore, to make this effective, I required that you forward to me your full contact details, such as your personal and confidential direct phone contact number, email and fax.

On your arrival in Spain we will move the fund to the bank for onward transfer to your designated bank account outside Spain. I want you to also maintain absolute secrecy and confidential of this message as a matured business person with high confidential integrity. If you are not capable of handling this fund, do not disclose it to any other person as this is very important and once in a life time business opportunity for me.

We will discuss on sharing percentage as soon as I hear from you.

Thanks and Regards,
Yours Sincerely,

Mr. Jaime Ivan

Email: Jaime.ivan@ymail.com

invite you to participate as broker, agent to Liberty Investment

From Mr. Ahmed
Tuesday, February 14, 2012 12:21 AM
From:
"Ahmed Shaheen"

To:
undisclosed-recipients
Attn.
Am Ahmed Shaheen I wish to invite you to participate as broker/agent to Liberty Investment individualized equity investment portfolio management program. Dubai International Capital LLC/ Liberty Investment (DIC) is a Dubai-based international investment company with a primary focus on private and public equity in the Middle East with over 500 billions of private and corporate investment portfolios.

We are privately looking for fiduciary agents and management experts who will be willing to act as investment portfolio holders and administrators. We currently have a back-log of an Excess Maximum Return Capital Profit (EMRCP) of an average of 1.2% on each private investment and corporate portfolio under our administration and control.And we wish to re-invest this fund by putting it into the management of private businessmen and corporations with good business ideas that can generate at least 10% ROI per annum over maximum of 5 years duration.

The fund will be disbursed based on a clear loan of 4.5% interest rate per annum for 5 years renewable tenure.All sign-up contracts briefings and investment portfolio management files will be handled in Dubai , United Arab Emirates . For further details please contact me directly with the contact information below.(ahmed.shaheen@w.cn)

Best Regards,
Mr.Ahmed Shaheen.
Chief Executive Officer
Director Liberty Investment
Dubai International Capital LLC (DIC)
http://www.licuae.com
United Arab Emirates

Funds For Investment (USD65M)

From: Tang Kam Sun tksun101@aol.com

Funds For Investment (USD65M)

Dear Friend,

We solicit for a private investor who wants to invest his financial estate
in long-term business venture in your country/company under your
supervision.

You will be required to;

[1]. Receive the funds.
[2]. Invest and Manage the funds profitably.

My client is willing to negotiate Management sharing percentage after your
acceptance. We expect to ear from you urgently as this is a high priority
Investment Placement and kindly send your information to enhance
communication.

Thank you for your understanding.

Sincerely Yours,

Mr. Tang Kam Sun
Email: tangkamhk@aol.com
Email: tk_sun_1@yahoo.com.hk
Website: www.icbcasia.com