Your email account did not accepting your password- or a friend wants to know why you are sending out emails with nothing in it, but a link.Join the back of the queue- your email account has been hacked.
How you became hacked is down to a number of diferent possibilities. You may have clicked on a link in an email from a similarly affected friend and downloaded a password-stealing malware. Or you were tricked into telling a scammer your password. Or, you were using the same password across several sites, and the attacker had found the password elsewhere.
Why you, you ask? Maybe your email address was on a spam lists or in some stolen database from some other site. Depending on who you are, or who you work for, the attackers may have specifically targeted you. Or perhaps you were just (un)lucky—the attackers cast a wide net and you just got caught.
Okay, you’ve been hacked- so how do you regain control?
If you are locked out of your account, try the password reset process by clicking on the “forgot password?” link. If the attacker hasn’t changed your password reset or your password hints, then you can just click on the link and get back in to your account. That may not work if the attacker has already changed the reset address and security questions.
Most email providers offer some high-level process to help users regain control of their accounts. Of course, depending on the provider, that process may be easy or difficult. Hotmail/Outlook.com users can answer a few questions to verify their identity. Google requires more detailed information in order to verify you are the owner.
Maybe you were lucky and the attacker didn’t lock you out of your account or delete any of your messages.
Eitherway your first job when you regain control is to change your password- with interest.
Upgrade your password to something strong. “Password1,” “letmein,” or even your last name backwards are not good passwords. Pick a long, weird password, with a mix of characters, upper and lower case letters, and numbers. An obscure phrase would work. Have a look at our post at: Internet account passwords- UK users need 22
Also check your password resets- did the hacker change the email address listed as the recovery address? Change it back to your own, and make sure the attacker didn’t add any additional ones.
Make sure the security questions are still questions you know the answers to. This may be a good time to change them so that someone just looking at your Facebook page won’t be able to just guess the answers.
If your email provider allows you to automatically forward a copy of your messages to another address, check to make sure the attacker didn’t set that up with some other email address.
Also think about what you were doing before you got hacked- you did something wrong somewhere, sometime.
Oh and say sorry to your email list- there’s a lot of it about, although it was your goof- you are by no means the first- or the last to be hacked.