10 Simple Tips to Protect You from an Email Hack | Avast

Email remains the most common form of communication today. It’s also the unique identifier for many online account logins, which is the reason it’s still highly targeted by cybercriminals. Once hacked, it can lead to spamming your friends or, worse, identity theft for you. And you have to consider that your reputation and finances could very much be affected.

Bad guys hacked her email account

My friend’s email account was hacked a few months ago. Somewhere between her kids buying things online, her email/password being compromised in a data breach, and maybe clicking a phishing link in an email, she found that her email account was hacked and ultimately taken over. She changed her password multiple times to take back control of her email account, but the hackers hijacked her email again. Despite reaching out to her email provider, she could not get the help she needed to stop the attackers. Regardless of how it happened, my friend was feeling overwhelmed and vulnerable.

How my friend got her groove (and email) back

Eventually, her only choice was to abandon the original email account and sign up for a new one. It was time-consuming, as it included changing her logins for every online account — first changing the email address associated with the account, and then making each password strong (and unique!) by using a password manager. In addition, if two-factor authentication was available, it was enabled. Another step was to educate all family members with access to those accounts on what ‘not’ to do, so there would be no chance for another attack.

Lastly, to be extra safe, she put a credit freeze in place. With so much personal information online, it just felt better to have that high level of protection making sure her credit would not be affected long term.

10 tips to protect yourself from being hacked

Here are 10 easy steps to protect yourself online. They can help protect your family and friends too and help to prevent your email from being hacked:

1. Use a password manager and two-factor authentication wherever possible
   Use a reputable password manager to change all of your online passwords to strong, unique ones for each login. This can take some time, but it’s worth it to avoid the risk. As you set up the passwords for your accounts, also set up two-factor authentication (2FA) as an added layer of security for the accounts that offer it. Do the same when you are setting up IoT devices in your home (and look for IoT devices with 2FA support when you buy them!).

2. If signing up for a new email service, check for 2FA support
   Not all email providers provide 2FA.  So, when signing up with an email provider, check to see what layers of security are available such as 2FA either through SMS (less secure) or app-based such as Google Authenticator or Authy.

3. Don’t click links in email or texts  
   Data breaches are a daily occurrence, with phishers always looking to attack. One of their most successful ploys is sending links via email or text that look legitimate, but once clicked on, will allow them to steal your information. The easiest way to avoid these scams is by not clicking the links. Instead, open another tab, and go to the website of the company in the email or link to see if the information presented matches the official source.

4. Use a VPN on your computer and your phone
   Be anonymous by using a VPN to encrypt your internet connections. There’s no reason not to be when it comes to protecting your personal information. While you’re at it, the VPN will make your browsing experience even better, with fewer ads, less tracking, and, of course, more peace of mind knowing you’re secure.

5. Don’t use public Wi-Fi or public computers, if you can help it
   When you’re traveling or not at home, try to use the internet only through your own computer or mobile device, with your VPN turned on, of course. Public computers at hotels, for example, are accessible by other people who can put keyloggers or other malware on them, which can come back to haunt you. Wait to do your online banking or access other highly personal accounts on your protected home network, whenever possible.

6. Get a strong antivirus
   A good antivirus raises the bar on securing your information, with real-time protection from phishing attacks and threats like malware, ransomware, and more. Antivirus should be installed on your PC, Mac, Android phone, and other devices. 

7. Secure your router and Wi-Fi
   Whether a home user or a small business owner, identifying who and what is on your network is as important as ever, as unauthorized users could be trying to hack into your system. Ensure you change the admin password for your router and set your Wi-Fi password to something really strong that a hacker could not crack. 

8. Keep your computer and smartphone OS up-to-date
   Whenever a security update is released for your OS, update it immediately.  

9. Keep all of your computer and smartphone apps regularly updated
   Updates often include security improvements, so if an update is available, get it right away.

10. Consider putting a credit freeze on your account
    As a last resort, if your email has been hacked, put a credit freeze on your account. It’s easy to do and gives you more control over who has access to your accounts. When making purchases (like a car), if someone needs to access your credit report, you can easily turn the account back on, then reinstate the freeze afterward.

Keep yourself from being a target by following the easy tips above. Taking these few extra steps may not keep the spam out of your inbox, but it will help to put hacking attempts into the junk folder.