If your email’s been hacked, you probably have a lot on your mind — your passwords are exposed, important documents might be vulnerable and your friends and family may complain about receiving spammy emails from your account. But once you’ve taken the first steps to recovery (doing a virus scan on your computer, changing your password and letting your email contacts know to ignore suspicious emails from you), you should make sure that your credit cards and credit score aren’t vulnerable as well. Here are four steps to keep your credit safe from a hacked email account.
1. Change passwords. Do it now.
This was probably your first step after noticing your account was hacked, but it bears repeating. Change the passwords on all financial accounts and avoid password reuse — choose a different password (and different security questions) for each site. And while it’s tempting to email your password to yourself in case you forget, avoid the temptation. Making a digital record of your username and password leaves you vulnerable to future attacks.
Since you’re changing all your passwords anyway, make sure they’re good ones. Check out these guidelines for a strong password.
2. Check all accounts for suspicious purchases
Check credit and debit card statements (or better, online account history) for any unusual transactions — if you see any, call your bank immediately. While most credit cards have zero-liability policies, federal law says that you can be on the hook for up to $50 on credit card purchases made before you report fraud. Debit card liability is capped at $50 if you report fraud within two business days, and $500 if you report it within 60 days of receiving your account statement. But if you report suspicious purchases after that, you could be on the hook for the whole amount. The earlier you spot a fraudulent transaction, the better.
3. Place a fraud alert
If your financial information is compromised, call one of the three credit reporting agencies (Equifax, Transunion and Experian) to issue a fraud alert to make it harder for thieves to open new accounts in your name. After you’ve placed a fraud alert, businesses will have to verify your identity before making a loan. As a result, you may have lenders calling you to double-check new accounts. You can also order one free copy of your credit report from each of the three credit reporting agencies.
You only have to call one of the three agencies — by law, they’ll have to notify the others. The alert expires after 90 days, so you might want to consider renewing it if you think your account is still at risk.
4. Get alerts for suspicious spending
Finally, consider signing up for a service like Mint.com that will let you see your purchase history in one place. Consider setting up alerts for suspicious activity — any debit card purchase over $100, for example, or spending over $200 for travel in a month. It may take a while to see evidence that your credit or debit card was hacked, but automated alerts will help you catch fraud even months after the hack.
Image via iStock.