Protect yourself from Email Hi-Jacking

Other Web Sites by Joe Budelis:
Small business Telecommunications site at:
Small business Cloud Storage & Backup Options at:
Medium to large business Telecommunications site at:
Personal blog at:
Personal Web Page at:
Telecommunications blog at:
LinkedIn Profile at:
Resources Page at:Resources page of Joe Budelis

What to do if your Email ID is Hijacked

Below is some info that will be useful to you if your Email ID is Hi-Jacked. It was written by a friend who wishes to remain anonymous.

The problem, a scam artist (hacker) has the opportunity to log in to your email account (they have your email password). Don't know in what order they do this and all they might do, but based on my just past experience:

1. The hijacker will send out a bogus email to all your email addresses informing these individuals that you are in trouble, in my case stranded in Spain, and need assistance-money.

2. The hijacker, in your email account, will change it so that all emails sent to you will go directly to the hijacker (you will not see these emails). So now all subsequent conversation will be between the hijacker and who ever sends you an email of any sort (the individuals the hijacker sent their message to and anyone else that sends you an email message)

3. The hijacker will delete all your email addresses in your email account.

4. I have ATT Yahoo Email and all my email Folders (where I stored important email messages or at least ones I want to keep) were deleted.

5. Because your email addresses are deleted, all your email "list" identifications are lost. I have a email "list" called "cousins" where each of my cousins is identified. When I send a complete family email, I send it to "cousins", "uncles-aunts", "immediate-family" and they all receive it. I do not have to identify each person individually (all 300+).


As soon as possible after you have been hijacked, someone need to tell you that you this has happened (email messages to you don't help because they are go to the hijacker). Someone has to _call_ to alert you! You will notice this has happened the next time you log on to use email and find you have no email addresses. :

Important (immediately)

A. The hijacked person should change their email password.

B. The hijacked person should change the "reply to address" in their email account removing the hijacker's email address leaving only their email address. Once this is done, the hijacker is out of the loop. People will not inadvertently reply to the hijacker!


Keep how to do this some place other than in your email system (on Yahoo Email Service called email Folders). That is what I did and the hijacker deleted my email folders and lost this information.

Should you today (04 November 2012) try to change your email password, you will find you can't. Should you today go into your email account, you will not readily see where to find the "return to" email address as it is a bit hidden; great for the hijacker, not for you. I could not remember how to find it. Most definitely, you are a bit flustered at the time.

I had to call ATT Internet Services-Technical Support (number on my telephone monthly bill) and have them do it for me. To help them to do their job, I had to authorize the ATT technical support individual access my computer for them to do (item B). Goes faster that way but they could talk you through it (don't suggest this). For me, they ran into some difficulty in doing it. I watch on my computer as they did it. Don't forget to remove this authorization and downloaded software after you are through.

I just found out that the user cannot initiate a email password change (04 November 2012). The user has to call ATT Technical Support to cause this to happen. Why not also the technical support individual to initiate the "return-to" email address change. I personally don't like the technical support person "required" to be involved here.

The hijacker is not using your computer in any way. The hijacker is only in your Email Account on your email provider's email service and does all this through it. Once the hijacker has the information to get into your email account (has your email password), your computer does not need to be active for them to log on to your email account and do their scam thing.


Backup your email addresses so your email addresses can be "automatically" reloaded. (under Yahoo Mail, Contacts, Tools, "export/import" services). Your email "lists" are not backed up and you will need to rebuild them. Have talked to ATT yesterday to get this changed but don't expect it to happen, its wishfull thinking. If you have many large lists, it can take hours. In my case, it took 6 hours before I was able to re-identify them all and notify everyone that I had been hijacked.

You can not recover the emails saved in your lost email Folders!

Hope this will be of some help in your future planning.

Protected by Copyscape       

Princeton, NJ 08540