Yesterday a friend of mine had his email hacked. I knew it when I got an email from him that began “Hey check this out!” as he doesn’t write like that. (I like the feature in Gmail and maybe in other email companies now, where I can see the first line of an email.)
It was a rough day for him as he dealt with the ramifications, changing passwords on other accounts he has, worrying about his online life, and so on.
Change your password, and don’t use the same one on multiple accounts. I use the excellent free LastPass to keep track of my passwords, and I don’t use the same password on two sites or email accounts. As for my master password to get into my LastPass account, it is lodged firmly in my brain (and also on a piece of paper somewhere safe). I made it by taking a book that I have in the house and combining the first letters of the words in the first sentence, then adding a number that is meaningful to me and is not a guessable thing like a date. You could use a favorite quote.
So for example, if you chose “The quick brown fox jumps over the lazy dog,” your password would include Tqbfjotld along with the numbers and preferably a bit of punctuation.
I did something like this for the master password at LastPass and also for my PayPal login. For the rest, I normally use the really good password generator in LastPass… what I really like about it is that it has an unusual feature where you can choose not to use confusing characters, so it will stay away from 0 and O — that’s zero and the capital letter O — and similar things.
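A generator of the kind described above, sketched in Python as an added example (this is not LastPass's code or anything from the original post). The look-alike set beyond 0 and O, the symbol list and the function names are assumptions; the entropy function shows how little strength is given up by skipping the confusing characters.

```python
import math
import secrets
import string

# Look-alike characters to avoid. 0 and O are the pair named in the post;
# 1, l, I and | are assumed to be among the "similar things".
AMBIGUOUS = set("0O1lI|")

def build_classes(avoid_ambiguous=True):
    """Return the character classes the generator draws from."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, "!#$%&*+-=?@^_|"]  # symbol list is an assumption
    if avoid_ambiguous:
        classes = ["".join(c for c in cls if c not in AMBIGUOUS)
                   for cls in classes]
    return classes

def generate_password(length=16, avoid_ambiguous=True):
    """Random password with at least one character from every class."""
    classes = build_classes(avoid_ambiguous)
    if length < len(classes):
        raise ValueError("length too short to cover every character class")
    alphabet = "".join(classes)
    # One guaranteed pick per class, the rest from the full alphabet.
    chars = [secrets.choice(cls) for cls in classes]
    chars += [secrets.choice(alphabet) for _ in range(length - len(classes))]
    # Shuffle with the OS CSPRNG so the guaranteed picks are not always first.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)

def entropy_bits(length, avoid_ambiguous=True):
    """Upper bound on entropy: length * log2(alphabet size)."""
    alphabet = "".join(build_classes(avoid_ambiguous))
    return length * math.log2(len(alphabet))

if __name__ == "__main__":
    print(generate_password())
    print(round(entropy_bits(16, False), 1), "bits with all characters")
    print(round(entropy_bits(16, True), 1), "bits without look-alikes")
```
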
Alas, most people use easy-to-guess passwords. From an article on Mashable, I found this list of most common and thus worst passwords:
Here are a couple of articles I found that spell out tips on what to do if your email does get hacked:
I liked this bit from that second article:
How Did It Happen?
It’s conceivable that a cyber-criminal mastermind targeted you personally for a hack attack. A “spear-phishing” email message specially crafted using your personal information might have tricked you into connecting with a malicious site. Or perhaps an active hacker in some Moscow basement exploited a vulnerability in your OS.
Yes, these scenarios are conceivable, but they’re almost inexpressibly unlikely. You’re special, of course, but you’re not that special. It’s much more likely that you just weren’t careful, or weren’t lucky.
Most people won’t bother to make any changes till they are forced to, but believe me, an ounce of prevention is worth a pound of cure. (Hmm, that’s another saying that you could turn into a password!)