Recently, there has been a surge of email account break-ins. Criminals from around the world routinely hack into email accounts, and many people are unsure how to answer the question, “Has my email been hacked?” If your account password is stolen through a virus infection or a data breach, it can be sold on the dark web to criminal groups who will then use it to break into your accounts.

Why do cybercriminals want to break into my email account?

Email accounts are gold mines for sensitive data, and they can also be used to commit other crimes. In July 2016, the cybercriminal “Peace” advertised 200 million Yahoo accounts on the dark web in exchange for 3 Bitcoins (approx. $1,860.46 at the time). After a massive investigation and multiple breach announcements, Yahoo finally announced in 2017 that “all Yahoo user accounts were affected” – 3 billion in all. From large email hacks to Collection #1, a compilation of 770 million email addresses and passwords, stolen email passwords can be very profitable for criminals, who can use the hacked email addresses and information themselves or sell them on the dark web. Many other popular services, including LinkedIn and Adobe, have revealed password data breaches.

With access to your email account, criminals can:

  • Commit wire transfer fraud. Criminals search email accounts for requests for wire transfers, such as those that result from real estate closings, insurance payouts, or vendor payments. Then, they intercept messages and send fraudulent requests (sometimes from a different account) designed to initiate wire transfers to accounts that they control.
  • Steal confidential information, which can be used or resold. Email contains a treasure trove of data, which can range from copies of tax returns to trade secrets to health information, and more.
  • Reset passwords for sites like Amazon, PayPal, your online banking web site, and more. These accounts are effectively purchasing tools; criminals can easily use them to buy goods or services, or even transfer cash.
  • Hack your colleagues, clients, friends, and family. Criminals can use your account to send an email to any of your contacts, which may in turn infect their computers.

How can I tell if my email account has been hacked?

It’s tricky because cybercriminals often cover their tracks. If you are worried your email has been hacked, here are a few red flags:

  • You notice email filtering or forwarding rules that you didn’t set up
  • Friends or colleagues report receiving an email from you that you didn’t send
  • Your cloud email provider alerts you to a suspicious login

Most cloud email providers have a way for you to check on your recent logins. For example, Google provides access to your sign-in history, which includes dates and times that your account was used. Often, activity history is only stored for a limited amount of time, such as 30 days. Check your account activity history regularly to make sure that no one has logged into your account besides you.
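
The checks above (rules you didn't set up, unfamiliar sign-ins, and history that expires after a limited time) can be written as a small review script. This is an added example, not part of the original article: the record fields, the sample sign-ins and rules, the placeholder country code "ZZ" and the example.com addresses are all constructed and do not follow any provider's real export format.

```python
# Constructed sample data. Field names are assumptions for this example,
# not any provider's real export format.
SIGNINS = [
    {"time": "2024-03-01T08:12", "country": "US", "device": "Chrome on Windows"},
    {"time": "2024-03-02T03:41", "country": "ZZ", "device": "Firefox on Linux"},
    {"time": "2024-03-02T08:05", "country": "US", "device": "Mail app on iPhone"},
    {"time": "2024-03-03T09:30", "country": "US", "device": "Safari on Mac"},
]
RULES = [
    {"name": "Team copy", "action": "forward", "target": "assistant@example.com"},
    {"name": ".", "action": "forward", "target": "archive@mail.example.net"},
    {"name": "cleanup", "action": "delete", "target": ""},
]

def review_signins(signins, known_countries, known_devices):
    """Return (record, reasons) for sign-ins that do not match your own habits."""
    flagged = []
    for rec in signins:
        reasons = []
        if rec["country"] not in known_countries:
            reasons.append("unfamiliar country")
        if rec["device"] not in known_devices:
            reasons.append("unfamiliar device")
        if reasons:
            flagged.append((rec, reasons))
    return flagged

def review_rules(rules, own_domain, rules_i_created):
    """Return (rule, reasons) for rules you did not set up or that send mail away."""
    flagged = []
    for rule in rules:
        reasons = []
        if rule["name"] not in rules_i_created:
            reasons.append("rule you did not set up")
        external = not rule["target"].lower().endswith("@" + own_domain)
        if rule["action"] == "forward" and external:
            reasons.append("forwards outside your domain")
        if reasons:
            flagged.append((rule, reasons))
    return flagged

def expired_days(days_since_last_review, retention_days=30):
    """Days of sign-in history that aged out before you looked at it."""
    return max(0, days_since_last_review - retention_days)

if __name__ == "__main__":
    print(review_signins(SIGNINS, {"US"}, {"Chrome on Windows", "Mail app on iPhone"}))
    print(review_rules(RULES, "example.com", {"Team copy"}))
    print(expired_days(60))
```
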

How can I defend my email account from criminals?

An ounce of prevention is worth a pound of cure. The very best thing you can do to prevent criminals from breaking into your email account is to use strong authentication.

Authentication is a method for verifying a person’s identity. For example, I might tell my computer that I am “sdavidoff,” and I prove my identity by typing in a password. There are three different ways that you can verify that you are who you say you are:

  • Something you know (for example, a password).
  • Something you have (for example, a key).
  • Something you are (for example, a fingerprint).

Two-factor authentication means that you verify a person’s identity using two methods combined. Many popular email services support two-factor authentication. For Gmail, Office365, and many others, it’s easy, and free! When you use two-factor authentication with these services, you use your mobile phone as a second factor to verify your identity. This means that criminals can’t break into your account using just a stolen password.

For video tutorials that show you how to set up two-factor authentication, visit:

What should I do if my email account has been hacked?

  • Change your password immediately. Set up two-factor authentication if you can.
  • Check your computer for viruses or malicious software.
  • Preserve the account activity history. This may help an investigator identify the source and scope of the attack.
  • Notify your insurer if you have cyber insurance that includes data breach response coverage.
  • Call a trained cybersecurity specialist if there is a chance you may have sensitive data, particularly client data, in your email.
  • Evaluate the risk that a data breach occurred. A data breach is a legal term that is defined differently under state and federal laws. It is always best to consult with an attorney who specializes in data breach response to determine whether your email account hack is legally a breach.

Cybercriminals are after your email account. You can prevent them from breaking in and stealing your sensitive data using simple tools, such as two-factor authentication. Set it up today, and sleep better knowing that your email is protected!