Solution 20
Email Account Take Over

It can be very frustrating and scary to realize that your email account has been accessed by somebody else or worse, that it has been completely taken over. One thing you must understand if this happens to you is that this is not, by law, considered identity theft. Identity theft is when somebody uses your personal and unique information in order to acquire lines of credit or to avoid criminal prosecution. Depending on what the intruder uses the email account for it could potentially be considered false impersonation which is not the same thing as identity theft.

What Can I Do?

• Contact the email account administrator and explain what happened. If your password has been changed, ask them to issue you a different one. This is a temporary password that will allow you to access the account and change your information.
• Contact everybody in your address book. Inform them of the email take over. Ask if they have received and/or responded to any emails sent from your account during the time of the take over. If so, get copies of these emails from them. Look to see if the emails asked for anything (social security number, banking information, money to be sent someplace). If it does, ask the receiver if they sent anything back. If so, ask them to read our Fact Sheet 123.
•   Do change your password for this account and your security question. Depending on the severity of the take over you may want to consider closing this account entirely and getting a new email account, possibly with another company or on another server. Make sure you inform the people who you want to have your new email address of the change. 
•   We suggest that you run a virus scanner on your computer before you change any passwords. This will help to insure there are no viruses or key-logging software on your computer that could potentially capture and send to the thief your new password information.
• Gather all the information you have on who the account takeover person could potentially be, and any copies of any emails they may have sent. File a police report with your local police department. You can also file a report with the FBI/FTC’s task force for internet crime at www.ic3.gov .  

I have one of those free email accounts and there is no phone number to speak to an administrator. What should I do?

Unfortunately with free accounts there is almost no way of speaking with a live person when you attempt to notify the administrator. Most of these sites do have an email address or an online report that you can fill out, but the chances of speaking to a live person are slim. Email service providers tend to only extend customer service phone numbers to those customers that are paying for their services.

• Look under their “help” or “contact us” section of their website. See if you can locate an online form or an email address that you can contact them at. Some administrators will issue you a one-time use password immediately so that you can access your account. Others may take a few days to grant you access back into your account.
• In some cases the administrator may not be able to fix the problems and the thief is able to continue to gain access to your account. In these situations you may have to consider the possibility of abandoning this email account and getting a new one. In this case, if you are able, make copies of all important email you may be storing in this account. Delete this information so that the thief will not be able to access it again.
• Do not email anything to your new email address. This could potentially tell the thief where your new email address is and they may attempt to access it again.
• Try to alert all those in your address book of the takeover so they know not to trust that address anymore.

Could This Lead to Identity Theft?

Yes, depending on what information you have stored in this email account and what companies you were doing regular business with.

• Access your online account directly with all of the companies who you do business with. Change your email to your new email account. Change all passwords and safety questions. You may want to consider changing account numbers if applicable.   You must consider all the account numbers and information that could have been exposed to the perpetrator while the account was under his control, and consider whether that information could be used against you.
• If you had banking information stored in your email, close down all accounts that might be affected. Open new accounts and place verbal passwords on those accounts. Get a letter from the banking institution stating when you closed down the account. If you continue to do e-business with this account, do not store account information in your email box.
• If you do online stock trading, change the account number and password for your e-trading account. Change the email to the new email account. Do not store your account information in your email box.

If you or anyone else’s social security number was stored in your emails, read our Fact Sheet 100 about what steps to take.

What Can I Do to Protect Myself?

• Keep a hardcopy or printed list (like an address book) of all of the email addresses that are in your email account. This way, you can notify these people immediately if fraudulent activity does take place.   Remember, you might be locked out of your account for some period of time.
• Do not open attachments from people you do not know. Even if you know the sender, double check to make sure they did indeed send you the attachment.
• Do not use password managing software that stores all of your passwords. There are viruses and worms that specifically attack these programs in order to gain access to your computer.
• Keep your virus scanner up to date.

Other Fact Sheets to read:

Solution 13 - Internet Safety

Fact Sheet 118 – PC Perfect Quiz

Fact Sheet 119 – Firewalls and Computer Safety

Fact Sheet 123 – Scams and Phishing

Solution 20 – Email Account Takeover 20080108 ©2008 Identity Theft Resource Center

Email:   itrc@idtheftcenter.org