21 comments on “My Email Is Hacked, How Do I Fix It?”

  1. For those who want peace of mind for their Gmail account I suggest buying two Yubikey’s (just the standard ones which require a USB port to work, which is $40 tops for two) as this way even if someone gets a hold of your username/password they still can’t get access to your Gmail account (this is the more secure form of two-factor authentication available as other forums are not fool proof unlike this which has not been bypassed yet and it’s been around for many years now). the reason I suggest (as far as I am concerned it’s required) buying two Yubikey’s is you use one of the two in general and keep one in a secure location so this way if you happen to lose your Yubikey you can always use the other to login to your account and remove the lost/stolen Yubikey and then you could simply buy another one and register it to your Gmail account so then you have two registered keys once again. this is solid advice because if some shady person gets a hold of your email account they can potentially use it to reset passwords etc for a lot of other accounts you got and can create a huge pain in the butt for you. so basically… transfer all of your important stuff you do online to a Gmail account secured by Yubikey and no one will be able to take over your account as it can’t be Phished etc. NOTE: those who register the two basic/cheapest Yubikey’s to their account you MUST have a device with a standard USB port on it to login to Gmail otherwise you cannot login (normally you just type in your username/password on Gmail but with YubiKey enabled you type in your username/password and then insert the Yubikey and tap the device with your finger and it will log you in). besides I suggest avoiding smart phones for anything important online as if one has too much stuff solely in their smart phone that’s just a security disaster waiting to happen as if someone steals it, your screwed. it’s best to use a proper desktop computer for doing important stuff online and always keep backups and one should be using a password manager as this way you get a unique password for ALL accounts you have online so if one account became compromised you ain’t got to worry about it being used against the other accounts since they will have different passwords on them. just make sure to make at least one backup copy of your password managers database and store it in a secure location. so this way if your computer’s hard drive dies, you can use the backup copy to restore the password managers database and your good to go again.

    but those who are still using Yahoo email, I suggest moving anything important off of that to Gmail as it’s more secure as Yahoo has proven they can’t be trusted given the hacks in the past. Yahoo email can be okay as a backup account without anything important tied to it though but for anything important a person does online, Gmail is definitely more secure, especially once you set up the Yubikey’s with it.

    Reply
  2. Hi

    I have some questions, hoping you will be able to shed some lights.

    My employer is in education business, they use G suite account. I sometimes noticed the bottom right corner next to Details shows “being used in one other location” highlighted in “yellow; and “bold” . However, at that time, I did not login my school email account from other device, mobile or anything. After a while, it was unhighlighted but leaving the words “open in 1 other location”. The next day, I discovered the words of “open in 1 other location ” was not even there, so there was nothing next to “Details”. Tonight, I opened my account again, the “open in 1 other location” but not highlighted is still here.

    I am suspecting my account can be accessed by my employer without my notice as the G suite administrator at school could do it.

    Also, previously I noticed there was another IP address accessed my school email account several times, with similar IP address serial numbers, but only the last part of the no which was different, I suspected it was generated from a Central place. I went about on the internet to try to locate the IP address, but could not find anything as it says the IP address is wrong.

    What is more scary was, I discovered that my personal hotmail email account was also hacked by a similar serial no. I wonder if the IT department from our school could help do such an evil things.

    My friend told me to go to the Police as they might have high technology to trace the IP address.

    I do not want to get paranoid over this, but I really want to know the truth.

    Please kindly reply.

    Thanks
    Ms Cheung

    Reply
  3. Good evening, I am hoping you can point me in the right direction please.
    Bought a product online which asked me to login to my (new) account to download my purchase.
    The login autofilled when I clicked onto it but although my email address was correct,right beside it there was an unknown name and web address which was presented without the @ symbol.
    Should I be worried?
    Appreciate your help / advice.

    Reply
  4. I just got an email from someone who claimed to be sending a photo from a mutual friend who has recently had a stroke. When I clicked on the link (stupid, I know), I got a “this site cannot be reached” message. Pretty sure the message was fake. But since I tried to open it, I’m wondering if that leaves me vulnerable in some way?

    Reply
  5. You may want to comment on the difference between hacking your email account and spoofing your email account. Many people think their email has been hacked when in fact there is someone spoofing.

    Reply
    • Good idea, but you could have explained it yourself 🙂
      But seriously, spoofing is when a spammer or scammer sends out email using your email address. All they need to know is your name and email address and use it as a return address and voila, it’s been spoofed. No hacking skills are required. It’s similar to creating a fake social media account. All they need is your name and a few photos of you and voila, it’s been spoofed.

      Reply
  6. So, Leo, you’ve used the term “hacked” many times over the years in your fine articles. Please define “hacked”. Thanks.

    Reply
  7. No one listens . If my email has been hacked (password and contact phone has been changed)
    HOW am I to sign in to change them. Hello !!!!! They have been changed (can’t sign in to change)

    Reply
    • We do listen. It’s just that the answer isn’t what you want to hear: you must follow the account recovery steps offered by the provider carefully and completely. If those don’t work, then you can’t sign in. Your account is lost.

      Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.