An Email Hack – What to Do

It all started when I received the dreaded text message …”I received a strange email from you”… My friend shared a copy of the fraudulent email content.

Within minutes, I received notifications from dozens of friends, through email, text, DMs, and phone calls. Whether it was someone from one of my two non-profit boards, parents of my kids’ former teammates or classmates, members of my book club or old paddle tennis teams, or friends from high school, college, or the neighborhood, I heard from a lot of people on my contact list. I appreciate everyone looking out for me.

After I took a deep breath, my first thought was, “what should I do now?” Fortunately, a neighbor who helps me with IT consulting texted me as soon as he received the fraudulent email. He walked me through the first steps:

  • Update your password on your email account.
  • Let friends know you have been hacked and tell them not to open any attachments.
  • Scan your computer and smartphone with security software.
  • Report the hack to your email provider.

Email Account Fixes 

I was apprehensive about sending emails from my hacked email account, so I posted a message on Facebook. I figured it was the fastest and most efficient way to let friends know about the suspicious activity.

In addition to changing my email password and making sure it was both strong and unique, I looked at my security questions. Consider revising them. People often “overshare” on social media and give away answers to common security questions.

Additional Security Measures

I have used a password manager service for years and appreciate the convenience and added security. When my email was hacked, it was helpful to have my key passwords accessible and organized. In addition to changing my email password, I changed the passwords for my financial accounts.

Even though my bank accounts and credit cards seemed unaffected, I still filed a fraud alert with one of the three major credit card bureaus. I was relieved to learn that when you report a fraud alert with one of the three credit bureaus – Equifax, Experian, and Trans Union – the other two are automatically notified. This a big timesaver during a stressful period.

Think of everything tied to your email. Since I access my email on my laptop and on my phone, I wanted to be extra careful. You could have malware on your devices. Make sure that your security protections are current.

Although you may be tempted to run a quick antivirus or malware scan, make sure to run a full scan. In my case, a quick antivirus software scan looked at less than 12,000 files, where a complete antivirus program scan looked at over 1 million.

What I Wish I Had Known Earlier

The biggest surprise related to my email settings. It is essential to check the following settings right away, regardless if you use Gmail, Yahoo, AOL, or any other free or paid email provider.

Auto Forward

When the hacker emailed my family and my friends asking, “for a favor,” he/she asked them to reply to a different email address. For several hours after discovering the hack, I thought it was odd that I did not receive a single email. Later that day, I realized that the scammer also changed my settings to forward all incoming email to that same fraudulent reply email address. As a precaution, I removed the fraudulent email from the forwarding instructions and inputted my work email. Once I did, I started receiving personal emails again through my professional email. I had called my email provider fraud team several times on the day of my hack, and no one ever mentioned that I should check my settings.

Mail Filter Rules

After a few days, I decided to remove the forwarding to my professional email. Soon after, I noticed that I was not receiving any emails. I called my email provider once again. Finally, I received some helpful advice, and they walked me through what was happening. In addition to forwarding my incoming emails to the fraudulent email, the hacker had installed a mail filter rule. If anyone sent me an email containing a period or “.”, it would be transferred into spam and automatically deleted. Since almost every email has a “.com,” “.net,” “.edu,” etc. extension, his/her intention was to delete all incoming emails.

As a result, this rule would prevent anyone from contacting me to let me know that I was hacked. Fortunately, when I initially changed the forwarding to my professional email, this condition overrode the mail filter rule. Once I removed the forwarding, the second level fraud kicked in.

One Final Thought

While I have learned a great deal since discovering the hack, there is still one lingering question – how did it happen? I pride myself on being cautious and protecting my personal information. Like many others, I believe that I was preoccupied with COVID, the economy, my work, etc. and let my guard down. I may never figure out what happened. This experience, however, does reinforce my fundamental belief that simplicity is powerful. With so many accounts and passwords, it is easier to be distracted and become vulnerable.

If you want to learn more about how to get started managing your financial life, see our collection of Get Organized posts. 

Leave A Reply

Navigate