Seven-word email means your Gmail or Outlook is hacked – security pro shares quick steps you must follow if you see it
A SIMPLE seven-word email is a clear sign that your account has already been hacked.
If you see it, you’ll want to act as soon as possible – or risk criminals taking advantage of your email account.
Breaking into an email is a great prize for hackers.
Not only can they use it to gain access to other accounts you hold, but they can send emails from it to scam even more people.
So security giant McAfee is warning that receiving a seven-word email is bad news – and likely means your Gmail or Outlook account has been compromised by crooks.
The seven words are: “Did this email really come from you?”
But what does that mean? McAfee’s Jasdev Dhaliwal explains: “Hackers often compromise email accounts to spread malware on a large scale.
“By blasting emails to everyone on your hacked contact list, they can shoot bogus, malware-riddled emails to dozens, even hundreds, of others.
“And no doubt about it, some of those emails can look a little odd.
“They don’t sound or read at all like the person they’re trying to impersonate — you — to the extent that some of your contacts might ask if this email really came from you.”
Scammers might delete their sent emails from your inbox so there’s no sign of their dodgy antics.
But a contact telling you that they’ve received a strange email from you is a dead giveaway that something is amiss.
If someone is sending emails from your account then it’s been broken into – and you’ll want to act fast.
HOW TO REACT IF YOUR EMAIL HAS BEEN HACKED
If you’ve been locked out then the very first thing you should do is to use your email’s recovery service.
For instance, you might need to answer personal questions or plug in a recovery code.
Once you’ve done that, make sure to change your password to something very complicated.
PASSWORD RULES – DON'T BREAK THEM
Here are some important tricks to follow, as revealed by Keeper Security…
- Make sure to use a combination of upper and lowercase letters. It’s much easier to “crack” a password if it only uses lowercase letters.
- Never include personal data like your birthday, street address, and certainly not your name.
- Ensure that every password has at least 12 characters. This will significantly increase the time it would take a hacker to crack your login.
- Include symbols whenever you can. Not all services allow this, but if you can add question marks, exclamation marks, hash symbols, and slashes, your password will be far safer.
- Ensure that you’re using varied and non-sequential numbers. So, rather than having 1234 at the end of your password, mix them in and use a random order.
- Avoid, where possible, using words found in the dictionary in your password.
Importantly, you must make sure that you’ve never used this password anywhere else.
Using a password manager (like the iPhone’s iCloud Keychain or the Google Password Manager) can help with this.
Go into your settings and make sure to terminate any active sessions on other computers that you don’t recognize.
And then be sure to set up two-factor authentication, which is a great way to block further access to your account.
“Several email services support two-factor authentication, which requires a PIN in addition to a username and password to log in. If your service offers it, use it,” Jasdev, Director of Marketing and Security Evangelist at McAfee, explained.
“This provides one of the strongest defenses against a hacked email account — and online accounts in general.
After that, you’ll want to check all of your other accounts.
That’s because a hacked email log-in can give crooks the tools they need to break into your other accounts.
As quickly as you can, send a message to all your email contacts and let them know that your email has been compromised.
Jasdev Dhaliwal
Check for unusual activity and make sure that you’re not re-using passwords anywhere.
Finally, make sure to reach out to any of your email contacts.
“A big part of the hacker’s strategy is to get their hooks into your address book and spread malware to others,” security pro Jasdev revealed.
“As quickly as you can, send a message to all your email contacts and let them know that your email has been compromised.
Google's list of signs someone is using your Gmail account
- Unfamiliar changes to critical security settings
- Unauthorized financial activity
- Unusual activity notifications
Correct the setting immediately if you see unfamiliar changes to:
- Mail delegation: People with access to your Gmail
- Automatic mail forwarding
- Scheduled emails
- Your name in Gmail
- Automatic reply: Vacation responder
- Address on outgoing mail
- Blocked email addresses
- Remote access to your Gmail: IMAP or POP
- Filters that manage your incoming mail
- Labels that organize your incoming mail
Your Gmail activity might be suspicious if:
- You no longer receive emails.
- Your friends say they got spam or unusual emails from you.
- Your username has been changed.
- Your emails were deleted from your inbox and aren’t found in “Trash”. You can report missing emails and possibly recover them.
- You find “Sent Emails” that you didn’t write.
“And if you’ve done so, let them know that you’ve reset your password so that your account is secure again.
“Likewise, alert them that they shouldn’t open any emails or attachments from you that were sent during the time your account was compromised.”