Six Steps for Recovering a Compromised Email Account
1. Immediately change your password
If you suspect an email account has been compromised, the password should be changed as soon as possible to prevent further abuse. Simply changing the password may be insufficient for full recovery. It is possible for malware to track password changes. The following steps should be followed for more complete recovery.
2. Check your local computer for malware
Many such attacks are carried out using login credentials acquired through malware. Perform a malware scan on all Windows-based systems. This is especially important if the system was used to access website management services, such as through cPanel/WHM and FTP. To check for malware we recommend the following free tools. No single anti-malware application is assured of capturing 100% of all malware. For this reason, it is best to use as many tools as you can.
- HouseCall: http://housecall.trendmicro.com/
- Spybot S&D: http://www.safer-networking.org/index2.html
- MBAM (Malwarebytes Anti-Malware): http://www.malwarebytes.org/mbam.php
- SuperAntiSpyware: http://www.superantispyware.com/
3. Check your website for malware
Unfortunately, one compromised system can lead to other compromised systems. If malware is discovered, let your website host know. They can then scan your site for other compromises.
4. Change your passwords regularly
Once you are sure that all your computers are secure and your keystrokes will not be monitored, change all relevant passwords again. Get used to doing this. Yes, it's extra work, but it's a lot easier than recovering from the next attack. Change your passwords again in about six months, and again about six months after that, and again... This sounds impossible, but the following two tactics make it much easier while ensuring strong security.
5. Use a strong password scheme
Never use the same password for high-risk sites (such as social networking sites) and high-security sites (such as your bank accounts), and never use the same password for more than one high-risk site. Good password schemes usually have between 3 and 5 levels, with each level isolated from the others. Here's an example:
- Low security sites, such as random promotions that require some kind of login. Use simple, easy to remember passwords.
- Medium security sites, such as Facebook, which do not contain highly personal data.
- Very secure sites, such as credit card and bank accounts. Use a unique password for each site, and never use these passwords for lower level security sites.
6. Use acronyms for passwords
Never use your pet's name for a password. In fact, never use a name at all. Also don't use any words, or combinations of words, or combinations of words and numbers, or any words with letters changed to symbols, such as 0 (zero) for O (oh). That sure is a lot of nevers! What's left? Well, as it turns out, a lot! For example, Wl?Waitoal! uses the first letters of the previous two sentences. Read those sentences a few more times, and you'll probably have them memorized. Such patterns are virtually impossible for computers to predict, but surprisingly easy for humans to remember.