Helping people with computers... one answer at a time.

If your contacts suddenly get email from "you" claiming your overseas and in desperate need of funds to get home - your account has been hacked.

My email address has been compromised and someone is sending bogus pleas for help and requests for money to everyone in my address book. What should I do?

I'm seeing this a lot lately. Scammers manage to gain access to someone's email account and then make up wild stories - usually something about your having taken a sudden trip overseas, and now in some kind of position that you desperately need your friends to wire you money.

Of course you're not overseas, and you're not asking anyone for money.

Your email account has been compromised, and I'm not sure that there's much you can do.

But we'll try.

If you can still log in to the account, you should immediately change your password and change or remove all personal information. As I wrote in Is changing my password enough? it's not enough to change just your password - you need to change any and all information that a scammer could use to reset your password and regain access to your account.

"The problem is that most of the accounts that are being hijacked like this are free accounts with little or no customer service. "

If you cannot log in to the account, your options are much more limited.

You should immediately contact your email service provider. Now, on the surface that sounds both simple and like it should be a quick remedy. And if your email is being provided by your ISP or someone else with real phone support, it may be.

The problem is that most of the accounts that are being hijacked like this are free accounts with little or no customer service. Hotmail and Yahoo accounts are the most frequently compromised, and coincidentally both offer no telephone-based support. You must first access their on-line support system (perhaps having to create a new account on their system to do so), and submit your problem via a web form, email or in a support forum.

All that takes time. Response will not be quick, if at all.

This is the "price" of free email accounts.

In a case like this I would:

  • create a new email account - ideally with a service that has real support

  • send a message to all your contacts(*) that your old email account has been compromised and that they should ignore and delete all further email from that account.

  • use the new email address from now on

  • take all the appropriate precautions that it not be stolen

  • if you like, you can continue to attempt to recover the old email account - perhaps for some peace of mind - but you should probably assume that those attempts will fail.

(*) "but my contacts were on the stolen account" - exactly. If you haven't been backing up your address book in some way, or don't have some kind of a duplicate copy, then the best you can hope for is to rely on your memory. This is one of the reasons I mention backing up in the "lessons learned" below.

That's about as far as we can go with most email services. If you can't get help from the service, you're pretty much out of luck. Your account is likely to remain compromised. Tell your friends.

It's important to make sure we also learn from the experience. Account compromise can be mostly avoided or it impacts minimized if you follow a few common sense guidelines:

Article C4303 - May 7, 2010 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

16 Comments
Mark
May 8, 2010 10:08 AM

I had a similar thing happen to my yahoo account. Friends wrote me saying they received a Viagra ad from me. I also got several mailer daemon messages about undeliverable emails. I assume this must have happened by someone hacking into the yahoo account as a bot on my computer probably wouldn't be able to send out SMTP mail on a web account. I also checked my computer for rootkits, spyware and viruses ant it came up clean. I changed my yahoo psw and security questions. Has anyone heard of this kind of thing happening?

Gabriela
May 11, 2010 3:15 AM

I have read all this so you can do nothing

Mike K
May 11, 2010 8:40 AM

One of the thing that spammers do is spoof your email address in the sender field so when someone receives an email it looks like it came from you but in reality it did not. We see this all the time where I work. We even get emails that appear to come from our domain but have a non-existant name on the email address. There really isn't much you can do in cases like this. Spammers send out millions and millions of emails to random addresses. Some get to real people some just go into cyberspace.

Craig Fearing
May 11, 2010 8:48 AM

Hi Leo

This is a trivial comment, but it's not often we can catch you making an error like this one. You wrote "if you like, you can continue to attempt to recover the old email account - perhaps for some piece of mind - ". Which piece do you suggest, frontal lobe?

Seriously, though, keep up the good work. I recently got a request for such aid from a person I barely know, but in this case it was so plausible I really started to believe it. Fortunately, he contacted me to explain the problem before I had time to feel too guilty about ignoring that mail. I hope none of his friends got taken in by this. Thanks for helping raise awareness of this problem.

Bill Chubb
May 11, 2010 10:55 AM

A dear friend of mine had a similar problem recently with a Hotmail account and was unable to get any help from so-called "customer support". As has been correctly said above, it's the price paid for a free e-mail account.

Gabe
May 11, 2010 1:38 PM

I feel if you're account has been compromised and you decide to change the password, you must also look deeper into your profile settings and see if any FORWARDING is being done. Gmail, for example has an option to forward any account activity on to another account. If the hacker is really using your account, they'll probably put a forward address in that setting if it's available. Therefore, the password you just changed has been forwarded on to the account that's in this forward setting.

Absolutely. I address that in this article: Is changing my password enough?. (Hint: no.)
Leo
14-May-2010

Richard Scotte
July 4, 2010 12:05 AM

I received such an email with a tale of woe and asking for money supposedly from a dear friend on a trip to London UK. I wrote back asking for an address to where I should send the money and back it came. Meanwhile I had phoned my friend and found she had not left Canada. I then located the Brit fraud squad address and sent them copies of the emails and the mailing address the con artist had sent to me. I did not get any response from the British bobbies so I don't know what the outcome was.I picked up the ruse because of the wording in the fake email - it did not sound like my friend's writing. So the outcome was OK for me.I don't know if anyone else got stung by this scammeer

zorro
October 23, 2010 1:51 PM

A couple of other variants that I've seen happen:

1) Intruder changes the password, then changes alternate contact address to something he controls. Thus, if the service does a password reset by sending email to the alternate address, then the message gets sent to the intruder and not to the owner of the account.

2) Intruder sets an auto-response message, where all inbound messages sent to the victim's account get another spam message.

Point #1 is why this article exsits: Is changing my password enough? (Short answer: no.)
Leo
24-Oct-2010

ladybugs064
November 22, 2010 1:13 PM

I am presently trying to deal with the Hotmail people with regards to our hotmail account being compromised. Our account has been scammed to our contacts with the message of my husband being held up in Spain, requesting 2500 Euros, please send money to satisfy the hotel bill. I am presently feeling that the scammer has got more rights than me as I am having one hec of a time trying to regain access to close it down. I need to gain access to close it but they will not give me access until I validate all the information which I am not 100% sure of and can only go my memory. What a nightmare! A lesson well learned. I would never rely on any free accounts for business. I have presently set up a new account to communicate with them. Yes, I have a thread going back and forth with them but the confidence is just not there that I will get my problem resolved.

Danny
December 7, 2010 10:44 AM

Call up your friends and tell them the situation and they should email all their contacts. It's probably that you both have many contacts in common.

Do the same on you social network accounts.

Vera Savage
March 29, 2011 3:55 PM

Yes, my email was hacked in, and I can't get in any more, password is changed and recovery email address is not available either. They are sending an email to ALL my contacts, asking for $3,500 since I was "robbed in Scotland". We even got their info, a phone number and a probably fake address in Glasgow, instructing to send the cash by Western Union and letting them know the transaction number. Anyone who can catch them in Scotland?

Suku Pillai
May 16, 2011 7:30 AM

Someone's stolen my email account and sending mails to my contacts asking for money, What I do to change my Hotmal ID and password. Is it ossible to get back all the existing mails to my new ID.

You cannot change your ID. A different ID is a different and completely new Hotmail account. I also don't know of a way to move emails between Hotmail accounts.
Leo
17-May-2011

Kathie
May 18, 2011 6:38 PM

Same thing has happened to my account so changing the lot!!!! Very frustrating.

david hornett
September 16, 2011 10:01 AM

find the person, after they have been given 100 lashes send them to the gallows, this would make me happy

homie oneto
April 25, 2012 8:41 PM

can we get on with fixing this hijack poroblem?
and not be so confusing?

Tina Inman. Someone has stolen my email account and is scamming my contacts for money, what do I do?
August 15, 2012 5:05 PM

Everything you said above has happened to me, I am so upset. I am in a wheelchair and depend on my computer so much.
{email address removed}

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.