In today's world, we manage a significant part of our lives through emails. We use them to communicate with friends, family and colleagues. We also use email to sign up for online accounts and services.
Checking and managing your emails may seem like a mundane and repetitive task. But if you don't stay vigilant, someone else could access and control your email account. This can lead to devastating personal and financial impacts.
Cybercriminals can learn a lot about you from your emails. It is crucial to secure your email account, apply good habits, and know how to protect yourself from scams.
Understand the threats
Poor cyber security makes it easier for someone to hack your email account. This can expose you to identity theft, fraud and further attacks. Learning about online threats is a first step in protecting yourself from cybercriminals.
Phishing
Phishing is when someone tricks you into giving them your personal information by pretending to be a person or business you trust. They may ask you to open a malicious link or attachment to steal your login or other details.
Learn more about phishing.
Account compromise
You need your email to access many online services such as banking and shopping. But if a cybercriminal gains access to your email account, they could get into any account linked to your email. They can then lock you out of these accounts and steal your money and personal information.
Unusual account activity may be a sign of a compromise, such as a password reset or bank transfer you didn't make.
Learn about account compromise.
Identity theft
Identity theft can occur when a cybercriminal gets access to your personal information. Common details they steal include your date of birth, address and tax file number. They can then use these details to impersonate you for financial gain.
Learn more about identity theft.
Malware
Cybercriminals use malware (short for 'malicious software') to gain access to your data. You might open a link or attachment that downloads malware without you knowing. Some malware may even pose as antivirus or security products.
Learn more about malware.
Business email compromise
Cybercriminals can impersonate a business by using a fake or compromised email account. This is a form of targeted phishing made to look like a real company or employee. Their goal is to trick victims into providing sensitive information, money or goods.
Learn more about business email compromise.
Know the warning signs of email compromise
- Your login details don’t work.
- Your password recovery details have changed.
- You notice multiple login attempts at unusual locations or times.
- You get an unexpected email to reset your password.
- Your contacts are receiving emails from you that you didn’t send.
If you notice any of these signs or suspect your email is compromised, reset your password and sign out of all sessions. Then continue following our advice below.
Strengthen your email account security
There are several ways to make your email account more secure. Start by using multi-factor authentication and a strong password.
Practice secure habits
Improving your email account security is only the first step. You also need to be aware of what to do and what not to do when using your email at home and in public.
Protect yourself from scams and malicious emails
Cybercriminals will often pretend to be someone you know or trust. Learn how to reduce, identify, and handle scams or malicious emails.
Scamwatch is run by the National Anti-Scam Centre. They collect reports about scams to help warn others and stop scams. They also have the latest advice on how to spot and avoid scams, such as email scams.
More information
Review your email account security
How to check your email account security for Gmail and Outlook.
Recovering a compromised email account
Email accounts are valuable targets for cybercriminals. Not just because they store sensitive messages, but also because they can be used to impersonate the account owner, to spread scams, and to perform password resets.
Report and recover from business email compromise
Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.