Who hasn’t this happened to? You generally find out when friends/family let you know they got an email from you that had ‘questionable’ content. Other signs: you check the ‘Sent’ box and find messages you didn’t send, or you can’t access your account.
So what do you do? This is just a general guide with some useful links which you might wish to use/save.
1. Don’t panic. Access your email again. Hackers generally don’t change passwords; they generally just access the account and send out a mass email to everyone in your address book. BUT, let’s say they did change it. Just use the ‘I lost my password’ option and change your password. When you get back into the email account, make sure your recovery email is accurate and hasn’t been changed in your account settings.
Check the active logins to see if anyone is currently logged into your account. Yahoo will let you see active sessions, but there’s no logout option. Gmail has both. Outlook.com provides neither option. If you have the option, terminate all active logins. You’ll then be secure. If you see an active login that isn’t yours in Yahoo, contact the site admin and report it with all details. You may have to establish a new account. Use the suggestions in 2 and 3, AND don’t open emails from strangers. Don’t be ashamed to call the friend (or coworker) to ask, “Did you send me an email with an attachment?”
2. Start using unique and strong passwords (letters, numbers and symbols). Even better? Add a password manager like LastPass (https://lastpass.com/), Dashlane (https://www.dashlane.com/) or KeePass (http://keepass.info/index.html).
3. Update the password on all your other devices so that they’ll still be able to access the email account whose password you changed.
4. Let your friends know! The hacker did what he/she did for a reason! Your account might well have been used to distribute malware or a URL to a site where they get a ‘drive by’. Tell them you didn’t send any email with an attachment or URL, and tell them to delete any suspicious email.
5. Start using two-factor authentication.
6. Check your other sites. Make sure your passwords are unique and strong (see 2).
7. You probably got hit via a phishing email. Take a few minutes to learn how to spot and avoid a phishing email here: http://www.cnet.com/how-to/spot-a-phishing-e-mail-in-2014/
8. Now, give your computer some love and run a malware scan using updated software, or an online site like Kaspersky (http://www.kaspersky.com/virus-scanner), Panda (http://www.pandasecurity.com/homeusers/solutions/activescan/) or, best: herdProtect (http://www.herdprotect.com/). herdProtect is best, IMHO, because it is a multi-engine scanner. If only one or two engines (out of the 68 used) report a ‘positive’, chances are it isn’t a real infection; if more report it, clean your computer. You can find the list of engines used here: http://www.herdprotect.com/engines.aspx
Have a good rest of the weekend!
Source:
http://www.cnet.com/how-to/what-to-do-if-your-email-gets-hacked-and-how-to-prevent-it/?tag=nl.e214&s_cid=e214&ttag=e214&ftag=CAD3c77551