Helping people with computers... one answer at a time.

Closing an email account seems like a logical solution to an account getting hacked, but unfortunately it doesn't address all the possible issues.

A hacker got into my previous email account. I canceled the account. I received information from friends that they are still receiving email from it. Is this account shut down completely to prevent emails being sent out in my name? This email from the hacker is a virus.

There are several things that could be going on here, and at least one misconception.

It's possible your account was never hacked.

It's possible your account was never closed.

It's possible your account, once closed, was reopened.

Let's look at those one by one.

You said that a hacker got into your previous account: how do you know this?

Here's why I ask: bogus email that looks like it's coming from your account is not a sign that your account has been hacked.

I've written about this before: just because email looks like it came from you doesn't mean that it actually did come from you. Spammers and malware authors now routinely fake the "From:" line in email to make it look like email comes from places and people that, in reality, had nothing to do with it.

"Spammers and malware authors now routinely fake the 'From:' line in email ..."

So, if you think you were hacked because someone got a virus laden email that appeared to be "From:" you, that may not have been the case at all. You may not have been hacked - in fact, if that's the only indication, I'll go so far as to say it's likely that you were not.

Closing an account is a serious step, and as a result email providers make it difficult to do "by accident". Depending on the provider, the closing process may simply involve simply finding the right link and clicking on it, and a confirmatory "are you sure?" kind of message. Others add an email verification step so that you must click on a link emailed to you to doubly confirm that you own the account before deleting it. Miss that email, and the account stays open.

Because the reality of what it means to completely close an account is lost on many people you often still have a grace period to change your mind. Many providers allow for a period of a day to a month or more, to "reactivate" the account; all you need to do is login, confirm you want to reactivate, and the account is back (though often all the email and contacts are gone forever).

If your account has been hacked, and the hacker knows the password, then it might well be trivial for them to re-activate the account after you've "closed" it.

Even if you close your account.

Even if the account is not reactivated.

Even if it's really, truly closed, erased and gone forever...

Eventually the email name will be released for re-use.

At that point someone could come along and open a new account with the same email address. It would be totally unrelated to your original account - except that it has the same email address.

How long email names are kept from re-use is something that varies from one email provider to the other. It could be a day, it could be a month or much more. But eventually, the email address for the account you closed will be considered "unused", and become available for someone new to grab.

Recommendation:

The only way I know to prevent this is to never close the account. If you've been hacked and still have access (contact the provider to regain access if you do not) quickly change or remove every bit of personal information, change the security answers, passwords and whatever else might be known by the hacker that they could use to hack back in. You can stop using the account, but check in on it every so often so that it doesn't get closed for lack of use. Keep it open so that only you can legitimately use it.

If that's not an option, then the only thing I know of to do is to send an email to all your contacts instructing them to ignore all further email from that hacked account.

But, sadly, closing your account is actually not a very effective approach to resolving the issue.

And if it's just email that's being spoofed to look like it comes from you, there's actually nothing you can do, except point anyone that complains at Someone's sending from my email address! How do I stop them?!.

Article C3794 - June 28, 2009 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

1 Comment
Dan
July 6, 2009 2:13 PM

This happened to me also. I removed all my contacts from that email address which is inconvenient but it stopped.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.