Q: Help! A hacker has taken over my email account. Now he is sending notes to my friends that I'm in trouble and need money. What should I do?
A: First of all, we are so sorry that you are going through this. We hope that none of your contacts were duped into sending the cybercriminal money. If they were, tell them to immediately file a police report and to file a report online at www.FTC.gov to report internet fraud. In addition, there are 8 steps you can take to help clean up your email account and hopefully avoid future issues.
Step #1: Identify all online accounts that you use that are tied to that password. Notify them in case they see fraudulent or suspicious activity. Keep them written down on a list to make sure you notify everyone.
Some examples include: your kids' schools, your bank account, your credit card account.
Step #2: Change ALL passwords, not just your hacked email account.
Go to a different computer that you trust is not compromised and change all passwords.
Make sure all of your passwords are different and changed immediately.
Step #3 - Check your email settings, especially any "forwarding" functions. Make sure your settings are set the way you want them to be and that the hacker is not forwarding your email account to some other accounts.
Step #4 - Notify your email account provider. Many email account providers allow you to fill out an account complaint form so they know you have had your account hijacked.
Step #5 - If feasible, consider moving to a new email account name. Sometimes, the hacker has done such a complete takeover of the account, that it might make more sense to move over to a new email account name.
Step #6 - Scan your home and work computer for viruses and malware
Run a full scan and fix anything that the scan finds. Remember, scans do not find anything so watch for suspicious computer behaviors such as hearing access to the hard drive or a light flickering when you are not running a program. There are a lot of free tools that you can use in addition to your virus protection listed on the Microsoft.com site and at Sophos.com
Step #7 - Go to all of your social media accounts and broadcast to your family and friends that your account was hacked. Don't be embarrassed, it happens to most people. They will thank you later from helping them avoid being a victim too.
Step #8 - Keep in mind that safe surfing habits such as not clicking on links, opening attachments, or refraining from using free Wi-Fi networks that you do not really know the owner of is a good step towards prevention.