Viewing 14 posts - 1 through 14 (of 14 total)
  • How do I know if my email has been hacked??
  • dickie
    Free Member

    Mate called lastnight & said he received a suspicious email from me a few weeks ago. He said I should check my email hasn’t been hacked.

    How do I check? (He didn’t know)

    captmorgan
    Free Member

    I’ll check for you, I’ll need your name, address, email address & password, bank account number & sort code…

    stevextc
    Free Member

    First thing, check it’s your exact email. Not a letter swapped or a dot moved.

    Fresh Goods Friday 696: The Middling Edition

    Fresh Goods Friday 696: The Middlin...
    Latest Singletrack Videos
    FuzzyWuzzy
    Full Member

    It’s much more likely that your email address was spoofed (still fairly trivial to do) rather than your email account being hacked. There’s not really anyway you can tell if your account has been hacked (some allow you to view last accessed times and device details and I guess you can always check sent items but if it had been hacked and misused then someone would have cleaned up after themselves). Just change your password (preferably from an iPad or something where you’re much less likely to have keystroke-logging malware running) and enable two-factor authentication if you have that option

    captmorgan
    Free Member

    I’d suggest the first thing is to perform a virus and malware scans on the devices you use mail on.
    Once you are sure you are virus and malware free change your password.
    If your chosen mail platform offers 2 factor authentication then use it.

    maccyb
    Free Member

    Chances are that the suspicious email merely claimed to be from you, rather than actually being from you. It’s very easy to send emails and make the ‘From’ name anything you like, and it’s pretty easy to even make the ‘From address’ anything you like, without having any access to the account of the person you are pretending to be. Actually hacking an email account is generally not that easy unless you’ve been careless with your password (e.g. reusing it on other accounts) and while hackers definitely do it, they usually expend their efforts on more valuable targets (e.g. intercepting estate agent deposits, bank transfers etc.)
    What was the nature of the suspicious email? If it was a low-effort ‘click on this link’ spam email then it’s unlikely to be an actual email account hack, as the effort (and the potential value) of the hack would outweigh the likely reward. If it was a more sophisticated scam attempt making a decent effort to impersonate you and take advantage of your mate in a specific way, then a hack is more likely.
    First check would be to see if the actual ‘From address’ on the email your mate received is your address (often people only check the name and not the sender’s email). If it’s not your email address, you don’t really need to worry – your account hasn’t been hacked, someone is just using your name (in vain). Even if it is apparently from your email address, it could still be faked, though, so it doesn’t mean a great deal.
    Next thing would be to check your ‘Sent’ messages and see if you have a record of that message being sent – though it’s unlikely anyone who went to the effort of hacking your email would leave the sent message for you to find – so also check your deleted messages to see if the sent message has been deleted. Still doesn’t guarantee anything as they could have hard-deleted it.
    If you have genuine concerns that your account is being accessed, your best bet would be to contact your email provider/office IT and ask if they can provide access logs to tell you when anyone logged in to your account & where from (IP address, at least). That might flag up logins from locations that don’t fit your usual pattern. Not all email providers can or will provide these though.
    Generally though I would expect that it’s been sent by someone who hasn’t hacked into your account but is aware that your name and your mate’s email address are linked in some way. That link could be found in any number of ways – leaked address books, social media contacts and address harvesting (e.g. what Harry Potter wizarding house are you, enter your email address for the results and then tag your friends…) – but there’s not really much you can do about it once it’s out there. But maybe change your email password anyway, it can’t hurt…

    Greybeard
    Free Member

    All emails have headers showing the actual computer they were sent from and the path the email took through the internet. The headers are normally hidden, but in most cases it’s just a matter of finding out how to see them – for example, in Gmail, it’s “Show Original”. The headers look a bit complicated at first, but it’s easy enough to compare a genuine email with a spoofed one. So if your mate can find out how to view the headers, and compare those on the suspect email with one the he know was from you, it will be pretty clear whether the suspect one was actually sent from a different account. If so, you haven’t been hacked, it’s just somebody who’s got hold of your address and is pretending to be you – it’s a trick spammers use to get people to open their emails.

    wobbliscott
    Free Member

    Change your log in password just in case.

    deadkenny
    Free Member

    I get loads of spam that come from people I know, but it’s not directly from them, just from a spambot. Generally either they’ve had a virus at some point which has harvested their address book or more likely they’ve signed up to something which shares their address book and that has been hacked or was malware in the first place. Very common is on Facebook. Loads of advert posts which tempt you into clicking to see more detail or sign up for a game, then it asks for some permission which people don’t look at and just click away, then they’ve got your address book from FB.

    Similar with options to log into various web sites using Facebook or Google accounts. It’s great because it saves tedious filling in a form and entering passwords, but you may also be granting access to your address book, and can you trust that site? Maybe they’re genuine, but they have rubbish security and get hacked.

    Go through your Facebook, Google, etc security settings and check all the apps and third party sites that have access to your profile. Revoke everything you don’t recognise and don’t 100% trust and actually need.

    There’s also another way which is just in how emails are sent through the internet. They’re not secure generally and can pass through many mail servers along the way and one could be intercepting mails and harvesting addresses, either deliberately or because they’ve been hacked.

    To deal with a lot of this I use a personal domain and allocate an email address per every site I sign in to. I’m a lot more protective over my personal mail I use to communicate with friends and family and try not to give it out.

    stevie750
    Full Member
    dashed
    Free Member

    +1 on the link above – it’s a legit site and recommended to me by our cyber team (depsite first impressions from the site name!)

    BillMC
    Full Member

    Couple of years ago I was looking on Google maps at an obscure site near Milan when I noticed someone’s name (whom I knew) and their work number on the map. I was a tad kin furious, photographed it and sent it to him asking what was going on. He wouldn’t have known my passwords but was a FB ‘friend’ (now blocked). Any advice for increasing security would be welcome.

    scaredypants
    Full Member

    Can’t you just look in your sent items folder ?
    If it’s not there, your account didn’t send it

    or am i fick ?

    FuzzyWuzzy
    Full Member

    Not thick but perhaps overlooking how easy it would be for someone to delete an email from Sent Items to cover their tracks if they had in fact gained access to the email account (virtually all these days would sync sent items across devices, or be cloud-based so independent of where you access from you see the same email view).

Viewing 14 posts - 1 through 14 (of 14 total)

The topic ‘How do I know if my email has been hacked??’ is closed to new replies.