Editor’s Note: Nikki Junker, the communications and media manager at Identity Theft Resource Center, tells us what to do if a hacker gets into your email — and how to avoid it in the first place.
Most consumers who know their way around even the most basic of internet functions have heard of someone having her social media account hacked or her credit card information accessed from a third party vendor. And while those incidents are both alarming and inconvenient, they may not hold a candle to the damage that can be done if the individual’s email address is hacked.
While having someone dig around in your Facebook account is bothersome and knowing that someone has breached your bank or credit card information can certainly be frightening, your email address contains some of the most valuable information you’ve got.
Besides providing access to things like sensitive work documents or private personal messages, your email address is very often the user name on your most important accounts. Everything from online shopping to logging into your bank account may involve your email address. Once a thief gains access to your email account, it’s simply a matter of pretending to be you and changing that password to something new, a word that you don’t know.
Once the thief changes the password and has complete control over your email account, he simply checks through your old messages to find out where you bank, where you shop online, and which credit cards you use. A quick search of your email account will provide all of that information, giving him the leads he needs to get busy with your identity. After discovering all of the sites you use, he then goes to each site, tells the site he forgot “his” password, and follows the directions that the companies will email to him courtesy of your address.
These steps will allow a thief to create whole new passwords on your accounts, and let him access your information. Some of those sites may require answers to common security questions, but the answers to many of those questions are all too easy to discover on Facebook or other social media sites.
So what do you do if your email address is hacked? First, don’t panic, but at your first opportunity you’ll need to set aside a block of time to devote to cleaning up the trail the thief leaves behind. This will mean changing your email password in order to restore your access, then reaching out to all the possible sites that may have been breached. Send a change of password requests to any sites that may not only have been compromised, but also that may lead to further information about you.
If that sounds tedious or complicated, don’t worry. It’s certainly not any fun and you’ll probably want to keep a pen and paper handy so you can be sure you’ve thought of all the sites, but it isn’t terribly difficult. It’s just a matter of clicking on “forgot my password” on the login screen to the websites, then retrieving the link and instructions from your email. Of course, there’s an even better way to make the process go more smoothly, and that’s to avoid the situation in the first place.
Strong passwords are vital to protecting your online identity and securing all of your data. Once you develop a strong password—which is a password that contains a long string of letters, numbers, and even symbols, and doesn’t have anything to do with your name—make sure that you don’t give in to the urge to take the easy road by using that password on multiple accounts. Keep your accounts even more secure by changing your password routinely, and make sure you don’t store passwords in your mobile devices.