
What To Do If Your Email Account Has Been Compromised (Current or Former)

Objective:

  • How to secure my online profiles
  • What to do if my email has been hacked
  • My email is compromised. What can I do?

Environment:

  • Clio Manage
  • Anywhere you have a profile!

Additional Information:

  • Learn more about how to secure your Clio Account here.

Answer:

What to do if one of your email accounts (current or former) is compromised

1. Sign in to the email account as soon as possible and change your password

  • Choose a passphrase instead of a password
  • Passphrases built on books, movies or memories that only you know are easier to remember in the long run. Make up your own.
  • Use a password manager (preferably a web-based one such as 1Password or LastPass; if you prefer a local option, KeePass is your best bet)

2. Activate 2FA (Two Factor Authentication) on your Clio account

  • Push notification via the Clio app on iPhone
  • Standard 2FA code via Google Authenticator, Microsoft Authenticator, FreeOTP, etc.

3. Activate 2FA on every account that supports it:

In order of preference (best first), we recommend:

  • Hardware key (such as YubiKey or Titan Key)
  • Mobile push (such as Duo or Google)
  • Authenticator app (such as FreeOTP, Google Authenticator or Microsoft Authenticator)

If you have no other choice, SMS-based 2FA is the last resort.

Note that SMS-based 2FA is no longer considered secure because of SIM-swap attacks. In a SIM swap, a bad actor tricks your mobile operator's support service into activating a new SIM on your phone subscription, which lets them impersonate you: every 2FA code sent to you by SMS is then delivered to the attacker instead.

4. Do not close old email accounts you no longer use

  • Instead, keep them 'dormant', still protected with a strong password and 2FA.
  • Set up mail forwarding to your current email account so you are notified of any activity on the old account.
  • This is particularly useful to avoid impersonation. If you close your old account (MSN, Yahoo, Gmail, etc.), attackers can re-register the address under their control and send emails to your contacts posing as you.

5. Lastly, inform your contacts about the security issue with the compromised email account so they do not fall victim to an impersonation attack.

  • The attacker may have sent phishing emails with malicious links or attachments to your contacts, so it is best to email your whole contact list to let them know.

6. If that old email/password combination was used on any other account, update the password and/or the email address associated with that account.

Important links to remember:
