- Change passwords to everything. Many accounts now have an option that you can have your password "expire" prompt you for a new one periodically (usually every 72 days).
Where possible change your username and "attached" emails to financial accounts and social networking pages.
- Change your security questions and answers. These are the questions asked when you click "I forgot my password". If there was someone snooping in your email, they probably know you better than your best friend. It is likely they would know the real answers to questions like, "What high school did you go to?" Or "what is your library card number?"
- Check your sent folder in your email to make sure you recognize all the emails that have been sent from your account.
- Be aware that this will likely result in phishing, scam, and spam attacks increasing over the next few months. In addition to the evidence of a likely successful attack, email addresses that were exposed may have been harvested by spam bots. The upcoming holiday season makes for a great opportunity for criminals to leverage this information against unsuspecting consumers. Expect phishing attacks to appear to come from charities, your financial institutions and government entities.
-Make sure your computer's security software is updated and automatic updates are turned on and checked weekly, at least.
- Immediately report phishing emails to This email address is being protected from spambots. You need JavaScript enabled to view it. or This email address is being protected from spambots. You need JavaScript enabled to view it.. If you receive what is clearly a phishing email from your friend, call them and let them know, then forward the email to one of the reporting addresses for your domain.
- Login to your email, and using the search field type the word "password. Delete any emails you may have received from websites confirming your password change or providing a link to change your password. Then search for "user name" and delete those emails as well. Remember, if someone has access to your email you don't want to give them ideas about which website or account to try next.
