Your email’s been hacked. Now what?

Ever get an email from a friend or family member that doesn’t seem quite right? It may not “sound” like the person you know or might ask you to click on some random, unidentified link. Beware, someone could be trying to hack your email account.

How do I know I’ve been hacked?

Here are a few sure signs:

• friends and family are getting emails or messages you didn’t send;

• your “sent” messages folder has messages you didn’t send, or it has been emptied; or

• you can’t log into your email account.

What should I do if my email has been hacked?

Work fast. The hacker could be in the process of trying to deny you access to your account while you are just noticing the problem.

Change your password. Immediately change your e-mail account's password to keep the hacker from getting back into the account. Your new password should not be related to your old one, and it needs to be strong; for example, use a meaningful full sentence as the basis of your new password.

And, change other passwords. If your email has been compromised, your other accounts are at risk. As quickly as you can, update your other e-mail, financial, and social media accounts. Never use the same password for multiple accounts.

Reclaim your account. If you’re not so lucky, the hacker may have already changed your password, locking you out of your account. If that’s the case, use the “forgot your password” link using your security questions or backup email address.

Scan your computer for malware. Run a full scan with your anti-malware program. If you don’t have security software, get it from a reputable, well-known company (like McAfee or Symantec). Scan other computers you log in from, as well. Delete any suspicious software and restart your computer.

Check your email settings. Once you’re back in your account, check your signature and "away" message for unfamiliar links, and make sure that messages aren’t being forwarded to someone else’s address.

Tell your contacts. Send a quick email to your email list letting them know you’ve been hacked, and that they might have gotten a malicious link or a fake plea for help.

Consider two-factor authentication. For extra protection going forward, think about setting up your accounts to require a second form of authentication in addition to your password. So, when logging in, for instance, you would also need to enter a special one-time use code the site will text to your phone.

This is a message from AARP Seattle and the Washington State Attorney General’s Office. If you or someone you know has been a victim of identity theft or fraud, you can contact the AARP Foundation Fraud Fighter Center at 1-800-646-2283 for help. You can also file a consumer complaint with the Washington State Attorney General’s Office.

Also be sure to share this alert with your family and friends so they know how to spot the common strategies scammers use and have the tools they need to defend themselves against their tricks. Sign up to recieve timely alerts on scams and fraud from the AARP Fraud Watch Network..