Email Account Takeover

Issue: Scammers steal passwords for web-based email services. The intent is to use these credentials to “take over” legitimate email accounts and then send email from your account to trick people you know. Because the email looks like it was written by you, the recipient “trusts” it and may fall for a scam.

Every day, thousands of people “lose control” of their personal web-based email accounts. Losing control of your Gmail, Yahoo, or Hotmail account can be a pain. Criminals have latched onto this as a method for scams, including sending links or email attachments to people. These links or attachments can contain malware that may (among other things) lead to further account takeovers.

A prevalent scam involves the attacker using the victim’s email account to send messages to the victim's bank or other financial institution. These messages usually indicate that the victim urgently needs account balances, and then may request a transfer of money from legitimate accounts to an unauthorized party. The criminal pretends that a serious and/or urgent event (e.g. a funeral or an accident) has occurred and has prevented the victim from using the bank's normal processes to transfer money.

This scam works so well because the email that others receive convincingly appears to be from the victim, and recipients tend to trust email from someone they already know.

How does this issue occur? People make poor password decisions or create easily guessed account recovery questions for their email accounts. Often, a password re-used on another web service that was “hacked” is what gave the scammer your email password. Another common cause is phishing.

To maintain control, the scammer may make a host of unauthorized changes to the email account. These changes allow the scammer to keep accessing the victim's account, or even to forward some or all of the victim's email to another location, even after the victim has changed their password.

If you receive an email from a friend that looks out of character (a strange message or a clickable link), suspect that this may have already occurred. Avoid clicking anything in the email until you have personally validated the content with the supposed sender.
Tip: Many email services have advanced settings that allow for better security, but you have to enable these features. Review your account’s advanced security options and enable features that protect you.

If you have been a victim of this issue, follow these instructions:

  • Change your email password. Create a strong password that you don’t use for any other service.
  • Contact your service provider for help and advice.
  • Go into your email account’s advanced options and change your account recovery options (challenge questions, phone numbers, and backup email address). Review these settings for changes you did not make.
  • Check the websites and applications that are allowed to access your account, and revoke any settings that are unfamiliar.
  • Check your advanced mail settings for suspicious forwarding addresses or delegated accounts.
  • Check your email folders (such as spam, sent items and deleted items) for any messages that may have been sent from your account.
  • Contact recipients of unauthorized email to inform them of what occurred.
  • Consider advanced security settings that protect you from future issues.