Fraudsters are increasingly using email to target you. It makes sense because an email account is where the different parts of life intersect: personal interests, school, work, banking, shopping, friends, family, travel plans, social media and so on. You tie account after account to an email address, have your passwords sent there when you forget, and receive updates about all sorts of personal activities. It’s an identity thief’s dream.
In other words, if a hacker gets into your email, they’ve hit the jackpot. It may seem like just a page in a Web browser or an app on your smartphone, but you need to surround it by the best defenses available. Regardless, people do a lot of stupid things with their email accounts that leave them vulnerable to fraud and identity theft.
What Happens if Thieves Hack my Email?
Any number of things, unfortunately. They could spam your contacts, try to solicit their personal information, and depending on how fast and loose you’ve been playing with your email account, leverage that data as well. Say you sent a prospective landlord an email with your full Social Security number so they could do a credit check. A hacker could take those digits and try to open up new credit accounts in your name. That’s why it’s important to take email security seriously.
If you think you’ve already fallen victim to an email scam, you can use our free credit report snapshot to monitor changes to your credit reports. You can use it to look for new inquiries or new account fraud, as well keep an eye on two of your credit scores, updated every 14 days. Significant changes to your credit score can be a sign of identity theft.
Let’s look at a few examples of common bad habits, along with some remedies to help you stay safer.
1. Having a Weak Password
No one — other than you — should be able to access your account. That means your password can’t be guessed, and you shouldn’t give it to anyone. The longer and more complex it is — meaning it combines uppercase letters, lowercase letters, numbers, symbols, and words not in the dictionary — the more secure it will be. Don’t use your email password anywhere else (duplicating passwords is generally a bad idea), and don’t save your login information on computers or mobile devices.
2. Sending & Storing Sensitive Information
Never send your Social Security number or any account information via email, even if you trust the recipient, because you become less secure as soon as you press send. On top of that, personal information shouldn’t be stored in your email account in the event it is compromised. If anything sensitive ends up in your inbox, delete it and empty the trash.
3. Clicking on Something Weird
When in doubt, don’t click. Even if a message appears to be from a friend or family member, anything that seems out of the ordinary should be deleted. You can always confirm with someone you know whether or not a message is legitimate, and they can re-send it if it is.
A few bonus rules of thumb:
- A financial institution will not ask you to send or verify personal information through email.
- Any too-good-to-be-true offer that wants you to click something or send your information to redeem the offer is probably a scam.
- Don’t open emails that are just a link, and for that matter, don’t send emails like that, because it looks like spam.
Remember, your email account is a gateway to your online identity, which is something you don’t want someone to mess with.
This article has been updated. It originally ran on October 30, 2013.