What to Do when Your Email Account linked to Your online Business Gets Hacked

1. Run Your Antivirus Program

As noted by the FTC’s guide on hacked email, the first thing you should do if your account gets hacked is to run an end-to-end antivirus scan.

Skip the “quick scan” setting in favor of a deep scan to identify and eliminate not only all forms of malware (including Trojans, spyware, and keyloggers that could be tracking your keystrokes even after the hack has been identified) and potentially unwanted applications.

According to the FBI’s Internet Crime Complaint Center, businesses saw an exposed loss of more than $747 million over the last two years, despite having network protection in place and IT staff on board.

When it comes to your email accounts, the sooner you run an antivirus scan, the better. It’s important to make sure you’re clean before you change any of your other sensitive information to avoid restarting the cycle.

2. Change Your Passwords

Once your computer is free of malware, it’s time to change your password. If you’ve lost access to your account, you may need to contact the email provider directly, prove who you are and ask for a password reset.

Choose a new password that is markedly different from your old one and make sure it doesn’t contain strings of repeated characters or numbers. Stay away from passwords that have obvious ties to your name, birthday, or similar personal details. Hackers can easily find this information and often use it in their first brute force attempts to access your account.

Your password should be unique for each account, complex (i.e., a mix of letters, numbers, and special characters) and at least 15 characters long. If you need help creating new passwords or managing all your new complex ones, use a secure password manager to safely save them.

3. Contact Other Online Services

Changing your passwords with other online accountsis critical as well. Payment-based accounts such as Amazon, Netflix, credit card companies and even the local library need a reset. Be sure to update each of your passwords to prevent hackers from compromising these accounts as well.

Keeping these other accounts secure is important. Secondary services are ultimately the much more valuable targets in these security breaches. For example, your bank account could easily be the next break-in if the scammer found the info needed to reset your password.

4.Report the Hack

If you haven’t already, contact your email provider and report the hack. This is important even if your hacked email didn’t cause you to lose access. Reporting a hack helps providers track scam-based behavior. When you report a hack, you’re protecting yourself and others from future threats by helping the provider improve their security.

In addition, your email provider may be able to offer details about the origin or nature of the attack. You might find that the breach is larger and affects other services you may have.

5. Create a New Email Account

Sometimes it’s not worth picking up where you left off. Take a moment to recall: has this email been hacked before? Is your provider not taking steps to mitigate the amount of spam you receive? It may be time for a switch.

Look for a service that offers default encryption of your emails. Data encryption helps your private emails stay concealed if the provider’s servers are breached. Hackers cannot unlock this data without the proper security key.

6. Contact Credit Agencies

Hackers’ reach is often much greater than a simple email hack indicates. It’s a good idea to reach out and ask credit reporting agencies like TransUnion or Equifax to monitor your accounts in the months after you’ve been hacked.

If you’ve been contacted or responded to any suspicious named emails recently, take note of this as well. Fraudsters are much more likely to attempt to make personal contact and convince you to share personal details before they start defrauding your accounts and making purchases on your credit card. Scammers know that a personal touch often gets them through the first line of spam defense.