ITRC Solution 20
Internet Account Takeover -  Email Accounts and Social Networking Sites

This fact sheet covers the following information:

It can be very unnerving to realize that your email account/social networking site/twitter account has been accessed by somebody else or worse, that it has been completely taken over. It can also be scary to find that somebody has created an email account or an internet profile on a social networking site that is made to look like you.

One thing you must understand if this happens to you is that this is not, by law, considered identity theft. Identity theft is when somebody uses your personal and unique information in order to acquire lines of credit or to avoid criminal prosecution. Depending on what the intruder uses, the email account/social networking account for it could potentially be considered false impersonation which is not the same thing as identity theft.

WHAT DO I DO? 

Email Accounts

Account Takeovers

  • Contact the Network Administrator and explain what happened.
  • If your password has been changed, ask them to issue you a different one. This is a temporary password that will allow you to access the account and change your information. When you are able, permanently change both your password and security question for this account. Depending on the severity of the takeover, you may want to consider closing this account entirely and getting a new email account, possibly with another company or on another server. Make sure you inform the people who you want to have your new email address, of the change.
  • Contact everybody in your address book. Inform them of the email takeover. Ask if they have received and/or responded to any emails sent from your account during the time of the takeover. If so, get copies of these emails from them. Look to see if the emails asked for anything (Social Security Number, banking information, money to be sent someplace). If it does, ask the receiver if they sent anything back. In addition, ask them to read the ITRC Fact Sheet FS 123- I Gave My Information to a Scam Artist.

Fraudulent Account Established:

  • Keep in mind that just because you find an email address that is similar to yours, or is using your name, does not mean that somebody is attempting to use your name maliciously. There are millions of people who have similar names. This could be a coincidence. Make sure you know the intent behind the creation of the account.
  • Contact the Network Administrator and explain what happened.
  • Often times a fraudulent email account is created by somebody who knows the victim. If you know who could be doing this, alert email recipient contacts to be wary of the fraudulent email address.
  • If anybody you know has received email from the fraudulent email address, get a copy of it from them. Keep it for your records.
  • You might be able to file a police report with your local police department, depending on the motive behind the email.
  • You will want to consider changing your password and account information.
  • We suggest that you run a virus scanner on your computer before you change any passwords or account information. This will help to insure there are no viruses or key-logging software on your computer that could potentially capture, and send to the thief, your new password information.
  • Gather all the information you have and any copies of any emails they may have sent. File a police report with your local police department. You can also file a report with the FBI/FTC’s task force for internet crime at www.ic3.gov.   

Social Networking Site

Account Take Over:

  • Contact the Network Administrator and explain what happened.
  • If your password has been changed, ask them to issue you a different one. This is a temporary password that will allow you to access the account and change your information. When you are able, permanently change your password for this account and your security question.
  • Depending on the severity of the takeover, you may want to consider closing this account entirely and getting a new account. Make sure you inform those who you want to keep in contact with of the new account.
  • Get screen shots of the account if changes have been made to it. Keep these for your records.

Fraudulent Account Established

  • Keep in mind that just because you find somebody with a similar name as you does not mean that they are attempting anything malicious. There are millions of people who have similar names and similar interests. This could be a coincidence. Make sure you know the intent behind the creation of the account.
  • Take screen shots of the account for your records. If the fraudster has used pictures of you or personal information about you, make sure you get screen shots of it all for your records.
  • Contact the Network Administrator and explain what happened.
  • Often times a fraudulent social networking account is created by somebody who knows the victim. Do you know who could possibly be doing this? If so, inform people in your network of the fraud.
  • You might be able to file a police report with your local police department, depending on the motive behind the account.
  • You might want to consider changing your password and account information.
  • Talk to your local police department about filing a police report. Many states have laws on cyber bullying and cyber stalking as well as false impersonation of this kind. Speak with your local law enforcement or bar association about the laws in your state.
  • Each site has a different set of guidelines to follow in order to have fraudulent profiles removed from their social networking site.

Twitter and Similar Sites:

Account Take Over

  • Contact the company and explain what happened.
  • Look on their website for instructions on what to do. Try to get screen captures of anything that was posted fraudulently as you as well as any private/direct messages that were sent. You will need these for your records and if a police report is necessary

Fraudulent Account Established

  • Keep in mind that just because you find somebody with a similar name as you does not mean that they are attempting anything malicious. There are millions of people who have similar names and similar interests. This could be a coincidence. Make sure you know the intent behind the creation of the account.
  • Take screen shots of the account for your records. If the fraudster has used pictures of you or personal information about you, make sure you get screen shots of it all for your records.
  • Contact the Network Administrator and explain what happened.
  • Often times a fraudulent social networking account is created by somebody who knows the victim. Do you know who could possibly be doing this? If so, inform people in your network of the fraud.
  • You might be able to file a police report with your local police department, depending on the motive behind the account.
  • You might want to consider changing your password and account information.
  • Talk to your local police department about filing a police report. Many states have laws on cyber bullying and cyber stalking as well as false impersonation of this kind. Speak with your local law enforcement or bar association about the laws in your state.

I have one of those free email accounts and there is no phone number to speak to an administrator. What should I do?

Unfortunately with free accounts there is almost no way of speaking with a live person when you attempt to notify the administrator. Most of these sites do have an email address or an online report that you can fill out, but the chances of speaking to a live person are slim. Email service providers tend to only extend customer service phone numbers to those customers that are paying for their services.

  • Look under their “help” or “contact us” section of their website. See if you can locate an online form or an email address for direct contact information. Some administrators will issue you a one-time use password immediately so that you can access your account. Others may take a few days to grant you access back into your account.
  • In some cases the administrator may not be able to fix the problems and the thief is able to continue to gain access to your account. In these situations you may have to consider the possibility of abandoning this email account and getting a new one. In this case, if you are able, make copies of all important emails you may be storing in this account. Delete this information so that the thief will not be able to access it again.
  • Do not email anything to your new email address. This could potentially tell the thief where your new email address is and they may attempt to access it again.
  • Try to alert all those in your address book of the takeover so they know not to trust that address anymore.

Could This Lead to Identity Theft?

Yes, depending on what information you have stored in your email account or networking account and what online companies you were doing regular business with.

Email Accounts:

  • Access your online account with all of the companies who you do business with who could have sent you emails about your account/order status. Change your email to your new email account. Change all passwords and safety questions. You may want to consider changing account numbers if applicable. You must consider all the account numbers and information that could have been exposed to the perpetrator while the account was under the thief’s control, and consider whether that information could be used against you.
  • If you had banking information stored in your email, close down all accounts that might be affected. Open new bank accounts and place verbal passwords on those accounts with your bank. Get a letter from the banking institution stating when you closed down the account. If you continue to do e-business with this account, do not store account information in your email box.
  • If you do online stock trading, change the account number and password for your e-trading account. Change the email to the new email account. Do not store your account information in your email box.

Social Networking:

  • Make sure no personal information was posted online such as your address, phone number, social security number, driver’s license number, etc.
  • If you or anyone else’s Social Security number was stored in your emails or posted online, read our ITRC Fact Sheet FS 100 – Financial Identity Theft: The Beginning Steps about what steps to take.

What Can I Do to Protect Myself?

Email Safety:

  • Keep a hardcopy or printed list (like an address book) of all of the email addresses that are in your email account. This way, you can notify these people immediately if fraudulent activity does take place. Remember, you might be locked out of your account for some period of time.
  • Do not open attachments from people you do not know. Even if you know the sender, double check to make sure they did indeed send you the attachment.

Social Networking:

  • Set your account to “Private” so that only those who you invite can see your information.
  • Do not post any private information such as address, birth date, Social Security number, driver’s license number, location of schools or employment.
  • Do not give your password information to anybody.

General Safety:

  • Keep your virus scanner up to date.
  • Do not click on ads or banners as you could inadvertently activate a virus.

 

This solution sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it..

 

ITRC Sponsors and Supporters

 

 

 

 

Go to top