Email hacking is one of the very unfortunate downsides to living in our highly-connected, digital world. Below are a few tips to consider to prevent or lower the chance of this happening, and what to do if your account has been hacked.
1. Change your password
This is the very first thing you need to do to ensure the hacker can’t get back into your account. It is essential that your new password is complex and totally unrelated to previous passwords. Always use at least 8 to 10 characters with a variety of upper and lowercase characters, and add a few symbols and numbers. cPanel users have the option of using the password generator to create complex passwords.
Tip! It is best to keep this password unrelated to your personal life.
Not sure how to change your email password?
No problem! Here are articles with steps included to help you:
How do I change my Email Password in cPanel
How to change my email password in .Net (WSP)
2. Let your email contacts know
Part of a hacker’s strategy is to get access to your address book with the aim of hacking others as well. Send a message to all your email contacts as soon as possible so that they know to avoid opening any emails, which is probably loaded with malware, that have come from “you”.
3. Change your Customer Zone password and security question
Customers are able to access their domain’s control panels via their customer zones. It would be best to update your security question and answer if the hacker gained access via the Customer Zone. You are able to update the password here as well.
4. Check your forwarding settings
It is not uncommon for hackers to modify your email settings so that a copy of every email you receive is automatically forwarded to them. Not only can they monitor your logins for other sites, but they’ll keep a watchful eye over any interesting personal information! So, check your mail forwarding settings to ensure no unexpected email addresses have been added. Don’t forget to check your email signature to ensure nothing spammy has been added.
Click here to see forwarding rules via cPanel.
Click here to see forwarding rules via Website Panel (.Net)
5. Scan your computer for malware and viruses
This is also important. If you find anything, please ensure it is addressed, and then change your email password again. If you don’t have an anti-virus then it would be best to invest in one. Free versions have limitations to what they can scan. Comprehensive security software will provide you with an effective digital shield.
6. Change any other accounts with the same password
This may be time-consuming, but it is very worthwhile! Ensure you change any other accounts that use the same username and password as your compromised email. Hackers love the fact that many of us use the same login details for multiple accounts, so it is guaranteed that they will try your info in other email applications and even with other sites such as PayPal, Amazon, Netflix – you name it!
7. Add a Sender Policy Framework (SPF) record
In cases where your email account is being spoofed, it would be best to add an SPF record to prevent this from happening again. Email spoofing is when hackers send emails from “your address”. Adding an SPF record will prevent this from happening.
Adding an SPF record to cPanel.
Adding an SPF record to .Net (WSP)