Recently a Scamicide reader told me that she had received an email from a friend of hers asking for a favor.  Her friend needed the Scamicide reader to send a gift card to someone because her friend was unable to do so and needed to send the gift card right away.  The email address from which the email was sent was indeed the email address of her friend, but the email was sent by a scammer who had hacked her friend’s email account and was sending the same email to everyone on the hacked friends contact list.  I have written about this scam previously, but it deserves to be repeated.
As I often tell you, you can never be sure who is actually calling you on the phone, sending you a text message or sending you an email.  Therefore you should never give personal information, credit card information, gift card information or wire money in response to such a communication unless you have absolutely confirmed that the communication is legitimate.  Gift cards and wiring money are two of the favorite ways that people are scammed so when you are asked to provide either of those, you should always be skeptical.  Nor, as I always advise you, should you click on a link in an email or text message unless you have confirmed that the communication is legitimate.  The risk of downloading malware by clicking on an infected link is too great.
But what do you do if your email account is hacked?
Here are the steps you should take if your email account is hacked:
1.  Report the hacking to your email provider.
2.  Change your security question.  I often suggest that people use a nonsensical security question because the information could not be guessed or obtained by research online. For instance, you may want the question to be “What is your favorite color?” with the answer being “seven.”
3. Change your password on your email account.  If you use the same password for other accounts, you should change those as well.
4.  If you haven’t already done so, set up dual factor authentication on your account so even if someone has your password, they would note be able to access your account.
4.  Contact people on your email list and let them know you have been hacked and not to click on links in emails that may appear to come from you.
5.  Scan your computer thoroughly with an up to date anti-virus and anti-malware program.  This is important because the hacker may have tried to install a keystroke logging malware program that can steal all of the information from your computer.
5.  Review the settings on your email, particularly make sure that your email is not being forwarded somewhere.
6.  Get a free copy of your credit report.  You can get your free credit reports from  Some other sites promise free credit reports, but sign you up for other services that you probably don’t want or need.   You should then consider signing up for an identity theft protection service if you have not already done so.
7.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

If you are not a subscriber to and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of and type in your email address where it indicates  “Sign up for this blog.”