Bye bye Windows 7
20th November 2019
The importance of regularly applying Windows Updates
4th December 2019
Show all

What to do if you think your email has been compromised

Unfortunately, issues around email, email security, and phishing emails are more and more frequent. The problems and issues range from a simple phishing email trying to trick you into submitting your email password to “the bad guys” to your email password being captured in some way and then used to send out emails, which you obviously didn’t send yourself.

If you suspect your email account has been compromised, then you need to take steps to help minimise any potential problems and stop the perpetrators in their tracks.

Let’s run through some steps that you should do immediately:


Scan your computer for malware and computer viruses

If your email password has been captured, it could have happened in many different ways. One common way is via a malicious piece of software being used on your computer to look for email details and send them off to a remote location. Hopefully, you’re using a well respected and up-to-date Anti-Virus and Anti-Malware program on your computer. Ensure it’s up-to-date before you begin, then run a full scan of your computer, so that it checks for, and hopefully removes any potential threats which might be on your computer.


Change your email password

When you do change your password, ensure that you change it something which is secure, has a mixture of uppercase, lowercase, numbers, and symbols in it. The longer and more random it is, the better. If you’re really concerned, then we advise you get the email passwords for all of your organisation changed at this time, to be as safe as possible. At this time you should put a policy in place where you have to have a complex password, that is also set to expire and therefore changed every so often (ideally 30 days).


Setup Two Factor Authentication (where possible)

If your email system supports it, then look at setting up Two Factor Authentication. This basically means having two stages in place to access your email – commonly it’s the email password and secure code that is either emailed to you or sent via txt message. This decreases the chances of future problems.


Get your email account reviewed in detail

You might need to seek some help with this step. The next stage is to check that nothing has been altered within the email settings that may still cause you a problem. The most common things to check for are:

  • Check that no one else has access to your mailbox (by it being shared of delegated)
  • Check that your inbound emails aren’t being forwarded out to an external address
  • Check that there aren’t email rules in place, which you didn’t put in place

Once you’ve carried out and performed these checks, you still need to be vigilant. Monitor your own email carefully by looking out for strange inbound or outbound emails. Give away signs of something being amiss will be strange bounceback messages appearing in your Inbox, emails being in your sent items you didn’t send, or simply known and trusted contacts letting you know they’ve received something from you, which they don’t think you actually sent.

If you still suspect there is a problem, if you’re able to, completely disable your email account, until you’ve had it reviewed and checked in detail, before restoring your own access to it.

Gavin Moorhouse is the owner of Lucid Computer Solutions Ltd, a security-conscious IT Services and IT Support provider based in Redditch, Worcestershire, serving the surrounding counties of Warwickshire and Birmingham.

Comments are closed.