Helping people with computers... one answer at a time.
If your contacts suddenly get email from "you" claiming your overseas and in desperate need of funds to get home - your account has been hacked.
My email address has been compromised and someone is sending bogus pleas for help and requests for money to everyone in my address book. What should I do?
•
I'm seeing this a lot lately. Scammers manage to gain access to someone's email account and then make up wild stories - usually something about your having taken a sudden trip overseas, and now in some kind of position that you desperately need your friends to wire you money.
Of course you're not overseas, and you're not asking anyone for money.
Your email account has been compromised, and I'm not sure that there's much you can do.
But we'll try.
•
If you can still log in to the account, you should immediately change your password and change or remove all personal information. As I wrote in Is changing my password enough? it's not enough to change just your password - you need to change any and all information that a scammer could use to reset your password and regain access to your account.
If you cannot log in to the account, your options are much more limited.
You should immediately contact your email service provider. Now, on the surface that sounds both simple and like it should be a quick remedy. And if your email is being provided by your ISP or someone else with real phone support, it may be.
The problem is that most of the accounts that are being hijacked like this are free accounts with little or no customer service. Hotmail and Yahoo accounts are the most frequently compromised, and coincidentally both offer no telephone-based support. You must first access their on-line support system (perhaps having to create a new account on their system to do so), and submit your problem via a web form, email or in a support forum.
All that takes time. Response will not be quick, if at all.
This is the "price" of free email accounts.
In a case like this I would:
-
create a new email account - ideally with a service that has real support
-
send a message to all your contacts(*) that your old email account has been compromised and that they should ignore and delete all further email from that account.
-
use the new email address from now on
-
take all the appropriate precautions that it not be stolen
-
if you like, you can continue to attempt to recover the old email account - perhaps for some peace of mind - but you should probably assume that those attempts will fail.
(*) "but my contacts were on the stolen account" - exactly. If you haven't been backing up your address book in some way, or don't have some kind of a duplicate copy, then the best you can hope for is to rely on your memory. This is one of the reasons I mention backing up in the "lessons learned" below.
That's about as far as we can go with most email services. If you can't get help from the service, you're pretty much out of luck. Your account is likely to remain compromised. Tell your friends.
It's important to make sure we also learn from the experience. Account compromise can be mostly avoided or it impacts minimized if you follow a few common sense guidelines:
-
Use a good, strong password.
-
Protect that password properly; don't write it down where it's easily found, and don't share it with others.
-
Know what it means to stay safe on the internet, and if you travel, when using open Wifi hotspots.
-
Never rely on free email accounts as the only place to keep anything important.
-
Backup. Backup. Backup.
Article C4303 - May 7, 2010 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
May 16, 2011 7:30 AM
Someone's stolen my email account and sending mails to my contacts asking for money, What I do to change my Hotmal ID and password. Is it ossible to get back all the existing mails to my new ID.
17-May-2011
May 18, 2011 6:38 PM
Same thing has happened to my account so changing the lot!!!! Very frustrating.
September 16, 2011 10:01 AM
find the person, after they have been given 100 lashes send them to the gallows, this would make me happy
April 25, 2012 8:41 PM
can we get on with fixing this hijack poroblem?
and not be so confusing?
August 15, 2012 5:05 PM
Everything you said above has happened to me, I am so upset. I am in a wheelchair and depend on my computer so much.
{email address removed}
•
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.