Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

If My Email Account is Hacked, What Kinds of Things Should I Check?

//
Leo, in your article about email being hacked and what you need to do, it’s possible that you may have omitted one important problem associated with account hacking: the changed return address. When my Yahoo account was hacked (my own fault, signing in from a fake email), the last thing that I noticed as I restored my account was that they had changed one letter of my name in the return address. If you clicked Reply to any email that I sent out, it went to them and not to my real account address.

Actually, you raise a very interesting and important point. It’s difficult to list all of the things that a hacker could change after they access your account.

Let’s look at a few of the most common things.

Become a Patron of Ask Leo! and go ad-free!

Reply-to address

As you point out, hackers can change the Reply-to address so that people replying to your email reply to the hackers instead.

Sometimes, it’s obvious that the reply address is completely different. Other times, there will be very subtle changes, like a single letter difference in the email address that the person replying to you doesn’t notice.

Worse, a hacker might use your name as the display name to hide a completely different email address. For example:

Leo A. Notenboom <hacker@somerandomservice.com>

When received in many email programs will show only “Leo A. Notenboom” by default – yet if the recipient replies, it’ll go to that hacker’s email address.

Auto forward

It’s also very common that a hacker would set up an auto-forward rule so that every email you receive is forwarded to them automatically.

Now, that may seem odd until you start thinking about account recovery and related scenarios. It’s one of the ways that hackers use your email account to hack into your other accounts including those of other online services, including your bank.

Emails Hacked!Address book entries and other rules

Hackers can also add, remove, or alter entries in your contacts or address book. You may think you’re sending something to Aunt Mary, but it might not be her at all.

They can modify your spam filter settings and rules. In other words, they can make sure that you see all of the spam that’s headed your way.

They can even alter any automatic filtering rules that have been supplied by your email provider. For example, in Gmail, if you have filters set up that automatically label email as it arrives, hackers could change those rules while they have access to your account.

Servers

They could even alter what server is used to send mail. For example, Gmail allows you to specify an alternate server to be used when you send email. There are various reasons for this, but it allows you to use your Gmail account to send email from a non-Gmail email address.

A hacker can change or even add that configuration without you realizing it. After they do, all of the email you send would go through a hacker’s email server rather than Google’s servers.

Check everything!

In the end, there’s just so much functionality that email servers provide these days that it’s hard to list everything that the hacker could possibly touch.

So, after you recover an account, the short answer is to check everything: all of the settings, all of the options, all of the rules, all of the filters, and even the contents of your address book.

It’s all fair game to hackers while they have access to your account.

44 comments on “If My Email Account is Hacked, What Kinds of Things Should I Check?”

  1. i got a msg of yahoo code confirmation i think some one trying to asses my account
    but without knowing code can they hack my account ???

    Reply
  2. I can’t log into my yahoo acount. It keeps telling me to reset the password but then it won’t take a new password. It tells me it is not long enough or it needs letters and numbers or its too long . I’ve been trying to reset it now for one month. I can get into it using my own computer but not my office computer . Now I just bought a new computer and can’t access it from that either. I tired contacting them but I don’t think anyone is alive there anymore … 🙁
    So my other question would be how do I transfer my yahoo account to my gmail account ?

    Reply
    • If you can get into your Yahoo account using your office computer then you still have access. You are going to have to work through resetting the password. In the end you have no choice but to follow the instructions Yahoo gives you until you get a password that works… and then remember it.

      You can certainly “transfer” your Yahoo account to Gmail simply by setting it up so that Gmail retrieves the Yahoo mail. But you are going to need your Yahoo password for that. So ultimately you have to reset the password anyway.

      Reply
  3. I had a yahoo email account that was hacked twice and spam sent to all my contacts. I ended up closing the account but my contacts are still receiving the spam because the hacker is using my name as the display name. Is there anything i can do to stop this?

    Reply
  4. My other gmail account has been compromised .
    Somebody from a nigeria ip address has logged in my account and he has changed the language to chinese and also all mail is being forwarded to another account .
    Please inform how i can retreive my emails and get my account back

    Reply
  5. I know that my email has been compromised, the codes sent by Microsoft is still not allowing me to get back in, but if Microsoft has blocked the account does that mean that the hacker is blocked out as well?

    Reply
  6. I cant remember the password of my yahoo email and i forgotten the answer for the security question.My yahoo email is not attached to any other email. Is there anyway to reset my password?

    Reply
  7. someone has hacked into ALL of my accounts my instagram, email, EVERYTHING! I have no idea what to do now! Are they stealing my identity and it was someone from California. And as I am writing this, he is hacking me and stripping me.

    Reply
  8. Pls help me as my account was hacked and I cant access any contact on my address book. I want to send an apology to all on my contact but found no contact on my address book.

    Reply
  9. I have been hacked and they have created a signature with my name and title and logo.

    We have changed the password to my Tahoo account , but I still cannot get into my emails to receive or to send out,, your thoughts.

    Reply
  10. Hello Dear,

    Please my gmail account has been hacked, and eve though I already change my password 2 yrs back now, but it seems that same hackers still come across in my gmail account.

    how to stop these hackers from my gmail? any other tips

    Reply
  11. this is the hacked email address with my profile still attatched since 2013 what can i do and how do i report to police through this comment ..I want to charge these people or person this is a fedral offense .what can i do ????

    Reply
    • You should report this to the police, although unfortunately, there’s not much they can do. They are usually backlogged, and this kind of hack isn’t alway high priority for them, and in most cases the hacks come from a country with little of no enforcement of cybercrime laws.

      Reply
  12. My Hotmail has been hacked it comes up with a message saying it looks like someone else is using your account the number they have got is wrong I’ve gave them my new one but how long does it take to change also how do I contact them to speak to someone

    Reply
  13. My email/hotmail account has been hacked but I can;t change the password as the language is in Arabic so I don’t know which option is change or reset password – what can I do?

    Reply
  14. Hi Leo
    My email has been hacked
    I noticed that they changed my email with fake one in the return address. If you clicked Reply to any email that I sent out, it went to the fake email account
    Please what should I do..

    Reply
    • Change that setting in the settings for your email account to remove the bogus address. Look for the From: address or “Reply To” setting.

      Reply
  15. If I send anyone an email from my yahoo address it comes up as being sent from someone called Kevin Campbell. I have checked my settings and it has the correct information on it. Have I been hacked somehow? How can I get rid of the name Kevin Campbell and have my own name appear instead?

    Reply
  16. can someone else transfer my phone number and email address to their house and pretend to be me without my authorization?

    Reply
  17. Can my computer be hacked and someone add email addresses and passwords to my computer. They are showing up in credential manager.

    Reply
    • Is is possible? Of course. Is it likely? No. Most often there are much more benign explanations for this type of thing. Of course without specifics I can’t say which situation you’re in.,

      Reply
  18. Several emails go to my junk folder that are not junk.
    I have added their email addresses to my contacts, but they still go to junk.
    Any other hints to solve this?

    Thank you

    Reply
    • Depends on your email program, but carefully mark each as “Not Junk” or “Not Spam” when this happens. That — not the address book — is how most spam filters learn.

      Reply
  19. I am sad that my email has been hacked by hacker I guess.. How would I get back my email I really need my important email.. Pls help me .. Pls I help me …I need my email back

    Reply
  20. I changed my email password (I use Outlook and IPad/IPhone)via Orange and in the process I couldn’t get my emails. After putting in the new code, I got them back but the following day, nothing. I went onto the remote Orange server also and there were no emails. I went directly to Orange and after a bit of searching they found my emails were being directed to a gmail address. She immediately deleted this and we now get our emails. I have asked friends to notify me if they get weird emails from me. Do you think I am risk – has anyone else had this?

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.