Helping people with computers... one answer at a time.
Closing an email account is many people's first reaction to getting hacked. Unfortunately, it rarely helps, if it's even possible. I'll explain why.
I have closed an e-mail account that has been hacked into with a virus and has been sending to people and crashing their computers, why is this happening? I have closed the account. HELP PLEASE!
•
Most likely because it's not closed.
People frequently come to me asking how to close an email account that has been hacked into. Quite often they're particularly desperate and insistent that the account must be closed, and immediately.
This question illustrates why my recommendation is: don't waste your time.
Closing the account, in all likelihood, won't help; the damage has already been done.
•
Hackers Often Just Reopen the Account
If, somehow, you are successful at going through the steps to close your email account you'll often find that there's a out, a way - for a limited time - to re-open the account should you later change your mind. (You'd be surprised, I think, at how often people do change their minds.)
The "I didn't really mean it!" approach typically involves once again proving that you are the owner of the account with your password, the answers to your secret questions and/or confirmation sent to your alternate email address.
Or, sometimes, simply by logging into the account.
Hackers know all this.
They often know that the account can be reopened. They often know (or have themselves set) the security questions. If they can, they might even change the alternate contact information to be another account over which they have control.
So, within moments of your closing the account, the hacker re-opens it.
And continues sending spam from it.
You Often Accidentally Reopen the Account
As I mentioned above, frequently just logging into the account is enough to cancel its closure.
Many accounts these days are more than just email. On that same account you may have instant messaging programs, photo sharing services, and much, much more.
If you cancel the email account and then go log into your instant messaging program you may well have instantly re-activated the account.
IF you intend to cancel the account you have to forever walk away from everything associated with that account.
Otherwise the account may simply not be canceled.
The Hackers May Not Need Your Account
A common trick of hackers is to slip in to an account they've just hacked and steal the contents of the address book.
The damage has been done.
Even if you really, truly cancel the account and it really, truly is and stays canceled:
-
Hackers can still send spam to all your contacts, which they stole.
-
Hackers can even make it look like it came from you, even though they are no longer using your account - "From:" spoofing is trivially easy
So you might put a lot of time and mental energy into closing the account, and even if you're successful ... it solves nothing.
Another Way That Accounts Get Reopened
If you successfully close an account most services hold on to the account name (usually the email address) for "a while" - anywhere from a few days to a few months.
Then they make it available for new account creation, since no one is using it.
Someone could (and if your email name is particularly desirable, almost certainly will) open a new account with the email address you left behind.
And you have no idea who might get that old email address of yours.
Your old "closed" account could come back to haunt you.
But What Can I Do?
Aside from not getting your account hacked in the first place, you mean?
Not much.
And yes, it sucks that someone else might have control over your old email account and be spamming or scamming your contacts. There's still almost nothing you can do.
That's exactly why account hacks are such a bad thing.
If your account gets hacked and you can't wrest control back from the hackers, then there's only one thing you can do: create a new account, tell your contacts that the old email address isn't you any more, and get on with your life.
And take steps to ensure that your new account doesn't get hacked as well.
Article C4682 - December 17, 2010
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
There are a few problems with closing email account even if it's possible to really do it. 1 A long lost friend or relative may have that address and try to contact you.(It's happened to me more than once, glad I check that one once a month to keep it open) 2. If someone innocently registers with your old email address, any email sent to you will go to them. My suggestion: get a new address but keep the old one and check it once a month.
Posted by: Mark Jacobs at December 18, 2010 3:02 AMI will extend Mark Jacob's suggestion.
Keep the old account with really weird, unguessable, information (was your mother's maiden name actually ck39d$) for everything and save it so that you can get back in yourself. Then (if it is not a huge source of spam), set it to forward to a new account of yours.
By keeping it and changing ALL the information, you block the spammers from taking it back.
Another issue is that they may not have actually hacked your account. They may just be spoofing your address. Your friends may be seeing mail that looks like it is from you but isn't. I get mail from "myself" all the time without my accounts being hacked.
Posted by: bill at December 21, 2010 9:12 AM