This article was co-authored by Yaffet Meshesha and by wikiHow staff writer, Darlene Antonelli, MA. Yaffet Meshesha is a Computer Specialist and the Founder of Techy, a full-service computer pickup, repair, and delivery service. With over eight years of experience, Yaffet specializes in computer repairs and technical support. Techy has been featured on TechCrunch and Time.
There are 8 references cited in this article, which can be found at the bottom of the page.
This article has been fact-checked, ensuring the accuracy of any cited facts and confirming the authority of its sources.
This article has been viewed 409,068 times.
This wikiHow teaches you how to keep your email account safe from hackers. Sadly, hackers and scammers often target peoples' email accounts to gain access to sensitive information, and their tactics can be pretty convincing. Having a secure password is just the beginning—you'll also need to watch out for scam emails with redirected login links, fake technical support representatives, attachments and software that install malware, and people looking to steal your identity.
Keep Your Email Safe From Online Hackers
There are a few things you can do to protect your email account from hackers. Use a strong password that mixes letters and numbers, and enable 2FA if you can. Only open attachments that you know are safe, and never click links from someone you don't know. Also, always make sure your computer and antivirus are updated.
Steps
-
Create a strong password. A good password is hard for other people to guess, difficult for software to crack, but easy for you to remember. It can be difficult to come up with a password that meets all of your email service's criteria that's actually easy to remember, but here are a few tips:[1]
- Your password should be long: The golden rule now is that a password should be 12 characters and contain a mix of uppercase letters, lowercase letters, numbers, and symbols.[2]
- Don't forget to password-protect your phone or tablet: Even if it makes it take a little longer to access your home screen, always password-protect your mobile devices. If someone else gains access to your unlocked phone or tablet, they'll have access to all of your apps, including your email.
-
Use a unique password for your email account. Avoid the temptation of reusing passwords on multiple accounts. If you use the same password to log in to your favorite website as you do your email, you're putting your email at risk—if someone cracks your password on that site, they'll also have your email password.
- Since there are so many passwords to remember nowadays, you may want to try using a password manager.
- Avoid choosing the option to save your passwords on the web. If you save your password to make it easier to log in, anyone using your computer may access your email. This is especially important when you're using a public computer.
Advertisement -
Turn on two-step verification. Most of the popular email services, such as Gmail and Outlook, allow you to enable two-step verification, which adds a second layer of protection to your account. When two-step verification is turned on, you'll also have to enter a special security code that is sent to you via SMS or in an authentication app when logging in from an unknown source (a computer in a different area than you usually log in from). This makes it so if someone manages to crack your email password, they'd also need access to your phone to actually sign in.[3]EXPERT TIPTechnology SpecialistBrandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.Brandon Phipps
Technology SpecialistEnable two-factor authentication on all your digital accounts. That applies to all your personal accounts, business accounts, finances, client information, and productivity apps. Two-factor authentication protects your sensitive data from unauthorized parties and reduces the risk of security breaches.[4]
-
Make sure your computer is up-to-date and protected. To stay safe, make sure your antivirus/antimalware software is up-to-date, and that you're running the latest version of your operating system and email application. Out-of-date security suites often don't have the coding necessary to deal with newer viruses or hacks.[5]
- Also, be careful when installing free software—sometimes software comes with sketchy malware. Research apps before you install them.
- If you're using Gmail, you should frequently check which apps you've allowed access to your account or perform a Security Check. If you're using Outlook, you can check your account history to make sure nothing you haven't approved has happened.
-
Avoid opening attachments unless you already know what it is. Unless you know exactly who the sender is and what the attachment is for, resist the urge to click anything in the email.[6] Attachments can install malware on your computer, which makes it easy for hackers to access your email and your other personal information.
-
Don't click any login links or buttons in an email message. Scam emails might also include fake login links or buttons that redirect you to a different website that captures your password. These emails are often very convincing and look like they come from a legitimate company or service you do business with. Even clicking the link can bring you to a site that looks like one you use often.[7]
- If an email asks you to log in to update information or correct a billing error, open a web browser window, go to the address of the website directly, and log in that way to see if anything needs to be changed.
-
Learn to identify phishing scams. Scammers may use email to target victims—they'll often send emails requesting personal information that can be used to forge your identity, such as your social security number or banking information. Never provide any personal information over email unless you know exactly who is requesting the information.
- If you're using Gmail or Outlook, you'll see a red or yellow message at the top of the email, warning you that the email might be spam or a phishing scam.[8]
- Check the return email address—is the person claiming to represent a certain company but using a free email account? Check the domain name (the part that comes after the @ sign) in the email address—is that actually the company's domain name? Sometimes scammers register fake domain names that look like the real thing to bait victims. For example, you could get an email from @netfl1x.com instead of the actual site, @netflix.com.[9]
- Does the message contain an offer that's too good to be true, or a claim that you've won a contest you never actually entered? Are you being asked to wire money to someone you don't know? These are all signs of scams.
- When in doubt, if a scammer claims to be affiliated with a company, contact the company or service directly by phone or on their website. If there's a phone number in the email, don't call it—instead, go directly to the company's official website and locate the phone number there. Sometimes scammers include fake contact information.
EXPERT TIPTechnology SpecialistBrandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.Brandon Phipps
Technology SpecialistBe careful when clicking on links or sharing your personal information online to avoid security breaches. Cybercriminals send emails with malicious links to deceive users. Verify the sender's identity and take precautions before clicking on any links or sharing personal information to prevent unauthorized account access.
-
Do not share your password with anyone. If anyone ever asks you for your password—even if they claim to work for your email service's support team—do not give them your password. There is never a need for a technical support representative to ask you for your password over the phone or email. Your password is meant to be private.
-
Make your security question answers difficult to guess. If your email provider allows you to set up security questions in the event that you lose your password, don't enter answers that someone else can figure out, such as your mother's maiden name or your first pet's name.
- If the questions provided are pretty simple, you may want to enter something that isn't the actual answer to the question—such as "Flamingo" as your mother's maiden name. Just make sure not to forget what you enter!
How Do I Keep My Data Secure In The Cloud?
Expert Q&A
-
QuestionHow common is it for your email to be hacked?Yaffet MesheshaYaffet Meshesha is a Computer Specialist and the Founder of Techy, a full-service computer pickup, repair, and delivery service. With over eight years of experience, Yaffet specializes in computer repairs and technical support. Techy has been featured on TechCrunch and Time.
Computer SpecialistIt's actually extremely uncommon. People tend to think that this kind of thing happens all the time, but it's actually pretty rare. These days, the main way you're going to get in trouble with emails is if you open a phishing scam. -
QuestionWhat's the best antivirus for Windows?Yaffet MesheshaYaffet Meshesha is a Computer Specialist and the Founder of Techy, a full-service computer pickup, repair, and delivery service. With over eight years of experience, Yaffet specializes in computer repairs and technical support. Techy has been featured on TechCrunch and Time.
Computer SpecialistWindows actually has a built-in anti-virus program called Windows Defender. I know it feels like you're getting extra protection when you pay for an antivirus program, but those paid programs are actually not all that better than the built-in version on your PC. -
QuestionHow can I tell if an email is legit?Yaffet MesheshaYaffet Meshesha is a Computer Specialist and the Founder of Techy, a full-service computer pickup, repair, and delivery service. With over eight years of experience, Yaffet specializes in computer repairs and technical support. Techy has been featured on TechCrunch and Time.
Computer SpecialistYou can typically get a read on this just by reading the domain where the email came from. So, if you get an email from "James at Amaz0n," you're not actually getting an email from anyone at Amazon. Some of this boils down to common sense, but scanning the email address is always a key step.
Video
Tips
-
If you must type your password many times because of the reloading of the page or internet issues, do not copy and paste your password. Always type it. If you have it copied, you should copy a random word after that so when you leave the computer, another person can't paste it onto a page.Thanks
-
When creating a password, try choosing a word you can remember, but breaking up the letters with numbers and symbols. For example, w9i0k2i1h0oW! blends "wikiHow" with "90210" and adds an exclamation point to the end for good measure. This can be a helpful way to remember complicated passwords.Thanks
References
- ↑ https://edu.gcfglobal.org/en/internetsafety/creating-strong-passwords/1/
- ↑ https://support.microsoft.com/en-us/office/the-keys-to-the-kingdom-securing-your-devices-and-accounts-a925f8ad-af7e-40d8-9ce4-60ea1cac2ba4
- ↑ https://support.google.com/answer/2451907?hl=en
- ↑ https://consumer.ftc.gov/articles/use-two-factor-authentication-protect-your-accounts
- ↑ https://support.microsoft.com/en-us/windows/get-the-latest-windows-update-7d20e88c-0568-483a-37bc-c3885390d212
- ↑ https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
- ↑ https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
- ↑ https://support.microsoft.com/en-us/office/help-protect-your-outlook-com-email-account-a4f20fc5-4307-4ece-8231-6d4d4bd8a9ba
- ↑ https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44
About This Article
1. Make sure your computer is up-to-date and protected.
2. Use a VPN (if you're using a public computer).
3. Create a strong password.
4. Use a unique password for your email account.
5. Turn on two-step verification.
6. Avoid opening attachments unless you already know what it is.
7. Don't click any login links or buttons in an email message.
8. Learn to identify phishing scams.
9. Do not share your password with anyone.
10. Make your security question answers difficult to guess.
Reader Success Stories
-
"My Yahoo email has been hacked numerous times, I don't know how. I change my PW constantly but your PW tips here are fantastic. Thank you."..." more