Someone's stolen my email account and is scamming my contacts for money, what do I do?

Helping people with computers... one answer at a time.

If your contacts suddenly get email from "you" claiming your overseas and in desperate need of funds to get home - your account has been hacked.

My email address has been compromised and someone is sending bogus pleas for help and requests for money to everyone in my address book. What should I do?

•

I'm seeing this a lot lately. Scammers manage to gain access to someone's email account and then make up wild stories - usually something about your having taken a sudden trip overseas, and now in some kind of position that you desperately need your friends to wire you money.

Of course you're not overseas, and you're not asking anyone for money.

Your email account has been compromised, and I'm not sure that there's much you can do.

But we'll try.

•

If you can still log in to the account, you should immediately change your password and change or remove all personal information. As I wrote in Is changing my password enough? it's not enough to change just your password - you need to change any and all information that a scammer could use to reset your password and regain access to your account.

"The problem is that most of the accounts that are being hijacked like this are free accounts with little or no customer service. "

If you cannot log in to the account, your options are much more limited.

You should immediately contact your email service provider. Now, on the surface that sounds both simple and like it should be a quick remedy. And if your email is being provided by your ISP or someone else with real phone support, it may be.

The problem is that most of the accounts that are being hijacked like this are free accounts with little or no customer service. Hotmail and Yahoo accounts are the most frequently compromised, and coincidentally both offer no telephone-based support. You must first access their on-line support system (perhaps having to create a new account on their system to do so), and submit your problem via a web form, email or in a support forum.

All that takes time. Response will not be quick, if at all.

This is the "price" of free email accounts.

In a case like this I would:

create a new email account - ideally with a service that has real support
send a message to all your contacts(*) that your old email account has been compromised and that they should ignore and delete all further email from that account.
use the new email address from now on
take all the appropriate precautions that it not be stolen
if you like, you can continue to attempt to recover the old email account - perhaps for some peace of mind - but you should probably assume that those attempts will fail.

(*) "but my contacts were on the stolen account" - exactly. If you haven't been backing up your address book in some way, or don't have some kind of a duplicate copy, then the best you can hope for is to rely on your memory. This is one of the reasons I mention backing up in the "lessons learned" below.

That's about as far as we can go with most email services. If you can't get help from the service, you're pretty much out of luck. Your account is likely to remain compromised. Tell your friends.

It's important to make sure we also learn from the experience. Account compromise can be mostly avoided or it impacts minimized if you follow a few common sense guidelines:

Use a good, strong password.
Protect that password properly; don't write it down where it's easily found, and don't share it with others.
Know what it means to stay safe on the internet, and if you travel, when using open Wifi hotspots.
Never rely on free email accounts as the only place to keep anything important.
Backup. Backup. Backup.

Article C4303 - May 7, 2010

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

You may also be interested in:

Someone has stolen my Windows Live / MSN Hotmail Account and is scamming my contacts. What can I do? Scammers are stealing email accounts and trying to convince your contacts that you're in trouble and need money. I'll look at your options for Hotmail.
Is changing my password enough? Changing your password is a common response to security breaches. Unfortunately, it may not be enough to recover.
Are free email services worth it? Free email services and accounts are convenient and ubiquitous. But free email services aren't the right place to keep your important information.

Recent Comments

14 Comments

Call up your friends and tell them the situation and they should email all their contacts. It's probably that you both have many contacts in common.

Do the same on you social network accounts.

Posted by: Danny at December 7, 2010 10:44 AM

Yes, my email was hacked in, and I can't get in any more, password is changed and recovery email address is not available either. They are sending an email to ALL my contacts, asking for $3,500 since I was "robbed in Scotland". We even got their info, a phone number and a probably fake address in Glasgow, instructing to send the cash by Western Union and letting them know the transaction number. Anyone who can catch them in Scotland?

Posted by: Vera Savage at March 29, 2011 3:55 PM

Someone's stolen my email account and sending mails to my contacts asking for money, What I do to change my Hotmal ID and password. Is it ossible to get back all the existing mails to my new ID.

You cannot change your ID. A different ID is a different and completely new Hotmail account. I also don't know of a way to move emails between Hotmail accounts.

17-May-2011

Posted by: Suku Pillai at May 16, 2011 7:30 AM

Same thing has happened to my account so changing the lot!!!! Very frustrating.

Posted by: Kathie at May 18, 2011 6:38 PM

find the person, after they have been given 100 lashes send them to the gallows, this would make me happy

Posted by: david hornett at September 16, 2011 10:01 AM

See all 14 comments...

Post a comment on "Someone's stolen my email account and is scamming my contacts for money, what do I do?":

Name: (Required - will be included when your comment is published.)

Email Address: (Required - will not be published.)

Remember Me? YesNo

Comments: (You may use HTML tags for style)

Before commenting, please...

READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored.
Comment only on the article. Use the search box at the top of the page if you have a question about something else.
NO PERSONAL INFORMATION in the comment. No email addresses. No phone numbers. No physical addresses.

Anything that looks the least bit like spam will be deleted. Links to unrelated sites or links that appear to be primarily promotional will be deleted, or the comment will be deleted.
Don't ask me to recover lost passwords or hacked accounts. I can't. Those comments will be deleted.
I can't respond to every comment. And I can't vouch for the accuracy of others who do.

Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
READ THE ARTICLE. A comment that shows you didn't will be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...

Question? Ask Leo!
The Tip Jar: Buy Leo a Latte!

Categories | Full Archive
By Date | Business Card | About

Advertisements do not imply my endorsement of any product or service.

Copyright © 2003-2012 Puget Sound Software, LLC and Leo A. Notenboom
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC
Terms, Conditions & Privacy
Product Reviews, Recommendations and Affiliate Links Disclosure

http://ask-leo.com/someones_stolen_my_email_account_and_is_scamming_my_contacts_for_money_what_do_i_do.html