search
date/time
 | Yorkshire Times A Voice of the Free Press |
Jamie Durham
IT Correspondent
2:00 AM 10th September 2022
scitech
How Can I Tell If My Email Account Has Been Compromised?
According to the National Cyber Security Centre, its Suspicious Email Reporting Service received 5.4 million reports from the public of potentially malicious material – leading to the removal of more than 50,500 scams and over 90,100 URLs.
And the harsh reality is, in today’s climate, everyone is a target. That’s why remaining vigilant, and keeping a sharp eye on inbound communications, is key to improving your security posture.
Prevention is always better than the cure.
While there are a handful of options to help repair the damage of a cyber attack, spotting the signs before it’s too late is crucial. You can have the best systems and resources in place, but if you’re not on hyper alert, you risk placing yourself in the firing line.
Almost 90% of data breaches occur on account of phishing. As well as using methods of protection such as multi-factor authentication, it’s important to understand what a threat actor might look like. Typos, a sense of urgency, an unfamiliar tone, and unusual requests should always ring alarm bells.
How do I know if a vulnerability has been exploited?
Cyber attacks are becoming increasingly sophisticated, and no matter how good your defences, you need to work on the assumption that perpetrators will be successful in their attempts from time to time.
One of the most obvious signs that your account has been compromised is that you can’t sign into it. If your password input is being rejected, it’s likely that it has been altered by someone else. But that’s not the only thing that should arouse suspicion.
In some instances, where hackers attempt to be savvier, they won’t change the password of an account in the hopes they will remain undetected. That’s why it’s good practice to regularly check your ‘sent’ mail too, and flag any correspondence you don’t recognise.
If different IP addresses show up on your log, this should also be a huge red flag. Accessible through most email servers, it’s essentially a digital address which reveals the physical location of all recent log-ins. If you only tend to access your account from one or two locations, you’ll see these consistently appear in the records. If others appear, it means your data is being accessed from another location.
If there are no indications that any vulnerabilities have been exploited, great. However, if you want further peace of mind, HaveIBeenPwned is a useful tool that not only gives you an immediate list of recent breaches, but also shows where your data might have been comprised in a leak.
If you’re worried that you may have fallen victim to an attack, and you still have access to the account, the best thing to do is to deactivate it – at least temporarily. If you make a new one, ensure the password is strong – combining numbers, symbols, letter, and a mix of upper and lower case – and change it regularly too.
You should also let your friends, family, and colleagues know, in case they have received anything suspicious from your email address. They should run a scan of their device using anti-virus protection, to ensure nothing malicious has already been installed.
If you are certain an account has been compromised, and your bank details are in any way affiliated with it – whether you’ve stored passwords on the server or made purchases via this address – it’s important that you let your bank know so they are aware not to reset any details, as well as how to contact you in the future.
And finally, ensure all your systems are fully up to date. Before you start logging new passwords and making online purchases, it’s important to check that there’s no malicious spyware or other types of malware on your device. Run an anti-virus programme, and install the latest security patches and updates for your operating system and browser if you haven’t already.