ZoneAlarm helps you deal with an email hack attack

The hacking of emails is now one of the most common attacks that are made against users on the internet, and the reports of such incidents are reportedly on the rise. During March of this year, it was revealed that those who use Yahoo!, the third largest providers of emails in the world, were the latest victims of what is termed a ‘large scale hacking attack’, and cyber criminals have hijacked users accounts as part of a global campaign using spam emails.

But how do these attacks happen? And more importantly, what are the immediate steps that users can take should they find themselves victims of an attack? Here, we will look at some of the more common methods cybercriminals use to gain access to personal email accounts and the implications a successful hack may have for the account holder. We will also outline a few simple yet effective steps to take in the event of an attack.

Breaking and entering

A successful email hack makes itself known relatively quickly. Your email contacts may alert you to strange spam messages that have seemingly been sent from your account. Alternatively you may find your provider has blocked you from sending messages, or worse still you are completely unable to log-in to your account. But how exactly is an unknown entity able to gain access to your email account? There are many ways an email account can be hacked, though bizarrely they are almost always facilitated in some way by the account owner:

Guesswork (and weak passwords)

Probably the simplest and most common method of attack is sheer guesswork. Internet users are often far too naïve when it comes to choosing passwords. Phrases such as ‘password1’ and ‘let.me.in’ pose no real challenge to a hacker trying to access an account. Alternatively, cybercriminals may use ‘password dumps’ which are essentially databases of common passwords compiled by other hackers.

Phishing (and clicking)

Another way of eliciting users’ passwords is via spam messages or bogus websites that request personal information. Users will often innocently click on a link or pop-up and, convinced by whatever is being offered, be fooled into supplying log-in data. In such cases, hackers don’t need to waste time on guesswork; the password has been freely handed over by the account owner!

Malware (and no anti-virus protection)

A slightly more sophisticated method of attack, malware (often inserted into websites) can dupe Internet users into copying viruses or spyware. If the malware goes undetected due to the absence of up-to-date antivirus software, users will inadvertently infect their own system with a program that allows hackers to monitor key strokes, thus revealing data such as account log-in details.

‘Into the breach’ – consequences of a hack attack

Methods and sources of attack are undoubtedly varied; and in the majority of cases a victim unwittingly assists in the breach. From innocently clicking on a link within an email from an affected account, to making poor choices when creating passwords; sometimes it’s simply a case of users being careless with their password details. Regardless of how your account was compromised, the consequences can be dire.

The primary concern following a hacked email account is the potential for identity theft. Once they have obtained access to a victim’s emails, cybercriminals often make use of automated programs, designed to scan email content and extract any data that may then be used to assume the victim’s identity or access financial accounts. But the problems don’t end here; According to an article published on SecurityWeek.com, studies have shown that over 60% of all Internet users use a maximum of three login name / password pairs throughout their entire Internet journey. Consequently, assuming an attacker manages to discover your favourite password, all of your online accounts may be at risk, not just your email. PayPal, eBay and online banking sites may quite possibly be the attacker’s next port of call. As SecurityWeek points out, “your email address and password will be checked against thousands of eCommerce and financial sites within minutes”.

An additional problem caused by email hacking is the potential threat it poses to others in your network. Think about who you email on a daily basis; friends? family? colleagues? As soon as an attacker gains access to your account, your contacts are immediately placed at risk as their addresses are harvested for Spam lists. If any messages from contacts contain sensitive information, this too will be exposed to the attacker.

Road to recovery

So, if your email account has been hacked, what should you do? Time is certainly of the essence as the period between discovering an attack and acting on it can make all the difference in preventing an inconvenience from turning into a complete nightmare.

The first step is to regain control. If you find that you are locked out of your account, try the password reset process by clicking on the “forgot password?” link. If the attacker hasn’t changed your password reset or your password hints, then you should be able to just click on the link and re-access your account. However, this may not work if the attacker has already changed the reset address and security questions. Most email providers offer some high-level process to help users regain control of their accounts. Of course, depending on the provider, that process may vary in complexity. Hotmail/Outlook.com users can answer a few questions to verify their identity. Google requires more detailed information in order to verify you are the owner.

Once back in your email account, change the password to something strong. “Password1,” “let.me.in,” or surnames are not good choices. Pick a long, complex password that contains a mix of characters, upper and lower case letters, and numbers. Where possible, try to use different passwords for different types of websites. Your online banking password should never be the same as your social media password!

Another important step is to check your password resets. Sometimes hackers will alter the email address listed as the recovery address. If this happens, change it back to your own, and make sure the attacker didn’t add any additional ones. Make sure the security questions are still questions you know the answers to. This may be a good time to change them so that someone just looking at your Facebook page won’t be able to just guess the answers.

‘Prevention is better than cure’

Following an email hack (or just having heard about somebody who has been the victim of an attack), it’s often worth re-assessing your Internet habits. In doing so, you may be able to avoid your email account being compromised in the future.

Think about your overall approach to sending emails and using the Internet; do you exercise caution when browsing the web? Any request to supply personal information / set up an account –either via email or on the web- could be a ruse to harvest data. Always be wary when there is an unexpected request for your password, and if in doubt, check with the organization in question e.g. bank, retail site. In addition, make sure your system is running an up-to-date antivirus program to help detect and block malware.

With regard to email accounts, some providers such as Google/Gmail offer the option of using two-factor authentication. Here, users supply their chosen password then receive a SMS message containing a second code, which is also required for log-in. Two-factor authentication is a great way to add an extra layer of security and keep your data safe.

Finally, passwords should always be chosen very carefully. As mentioned earlier, it’s crucial to use ‘strong’ passwords that are complex in composition; use obscure phrases with a mixture of characters and digits. Most importantly, try to use different passwords for your email and other online accounts.