We Live Security shared answered several great information security questions in their recent post. Here are a few highlights to keep in mind.

  1. Why would someone want to hack my email?
    1. Carry out credential stuffing. They’re betting that you will use the same log-ins on other accounts, and so use automated software to try and open them too
    2. Reset your other accounts. Most websites email a reset link to click on, which an account hijacker will be able to access and use to change passwords on your other accounts
    3. Send spam/phishing/malicious emails to all of your contacts
  1. How might hackers get your account details?
    1. Guess or brute force your email password using automated software
    2. Steal your email and log-in combination from a company you’ve registered with in the past. Although the password may be encrypted, the algorithm can sometimes be cracked
    3. Steal your password if you’ve been logging in on public Wi-Fi or a shared computer
    4. Steal your details via malware downloaded to your machine (usually via a phishing email)
  1. How can I check if my account was hijacked?
    1. Emails in your sent and inbox that you don’t recognize
    2. The password has been changed, locking you out
    3. Friends complaining of spam coming from your email address
    4. Receiving multiple password change requests from other websites and apps
    5. Your email provider notifies of multiple logins from unfamiliar IPs and locations

Source: https://www.welivesecurity.com/2022/01/20/how-know-if-your-email-hacked/

Don’t fall for a scammers tricks. Remember these tips:

  • Change your account password regularly
  • Always use unique passwords (don’t share a password with multiple companies)
  • Don’t respond to unsolicited job advertisements (phishing)
  • Keep your machine updated