DCHost has noticed over the last month a high level of email accounts being used to send spam messages through. We have found that in a number of cases the email account has been hacked due to weak passwords.
Below is some recommendations in securing your email account. Sending of spam email through your domain may lead to your domain being black listed and placed on lists as known spam domains. This will make it very hard to send emails from your domain. It’s important to look after your domain reputation at all times.
Step #1: Change your password
The very first thing you should do is keep the hacker from getting back into your email account. Change your password to a strong password that is not related to your prior password; if your last password was billyjoe1, don’t pick billyjoe2—and if your name is actually BillyJoe, you shouldn’t have been using your name as your password in the first place.
Try using a meaningful sentence as the basis of your new password. For example, “I go to the gym in the morning” turns into “Ig2tGYMitm” using the first letter of each word in the sentence, mixing uppercase and lowercase letters and replacing the word “to” with “2.”
Step #2: Check your email settings
Sometimes hackers might change your settings to forward a copy of every email you receive to themselves, so they can watch for any emails containing login information for other sites. Check your mail forwarding settings to ensure no unexpected email addresses have been added.
Next, check your email signature to see if the hacker added a spammy signature that will continue to peddle their dubious wares even after they’ve been locked out.
Last, check to make sure the hackers haven’t turned on an auto-responder, turning your out-of-office notification into a spam machine.
Step #3: Scan your computer for malware
Run a full scan with your anti-malware program. DCHost recommends that you make use of NOD32. This application is trusted throughout the world. Do a deep scan on your system. Make sure your Virus software is up to date.
If any of your scans detect malware, fix it and then go back and change your email password again (because when you changed it in step #1, the malware was still on your computer).