How to Remove Malicious Email Forwarding from Your Inbox
Has your email been acting strangely? Perhaps important messages are going missing, or friends are reporting odd replies from you. If so, you might be a victim of malicious email forwarding. This guide will walk you through how to find and remove these sneaky rules and help secure your account.
Act quickly if you suspect malicious forwarding! The longer it’s left, the more damage an attacker can do with access to your emails.
Recognising the Signs of Malicious Forwarding
It's not always obvious when your emails are being forwarded without your permission. Attackers try to be discreet, but there are usually some tell-tale signs if you know what to look for. Being aware of these can help you catch the problem early.
- Missing emails that you were expecting.
- Friends or colleagues receiving strange emails that seem to come from you, but you didn't send.
- Emails disappearing from your inbox shortly after they arrive.
- Login notifications for your account from unfamiliar locations or devices (check your email provider's security alerts).
Why Malicious Forwarding Happens
Malicious forwarding usually occurs after an attacker has gained unauthorised access to your email account. They set up forwarding rules to secretly send copies of your emails to themselves. This allows them to spy on your communications, gather personal information, or even impersonate you for financial gain.
Step 1: Change Your Password IMMEDIATELY
Before you do anything else, you need to change your email password. This is crucial to kick out the attacker and prevent them from regaining access while you're trying to fix things. Choose a strong, unique password that you haven't used anywhere else.
- Go to your email provider's website (e.g., Gmail, Outlook, Yahoo Mail).
- Navigate to your 'Security' or 'Account Settings' page.
- Look for the option to 'Change password' or 'Reset password'.
- Create a long, complex password with a mix of uppercase and lowercase letters, numbers, and symbols.
Step 2: Find and Delete Forwarding Rules
Now that you've secured your account with a new password, it's time to hunt down and delete any malicious forwarding rules. The exact steps might vary slightly depending on your email provider, but the general navigation is usually similar.
- Look for 'Settings', 'Options', or a gear icon in your email interface.
- Navigate to 'See all settings', 'Mail flow', 'Rules', or 'Forwarding'.
- Carefully review all existing rules. Look for any rules that automatically forward emails to unfamiliar addresses.
- Delete any suspicious rules you find. If you're unsure about a rule, it's safer to delete it.
Step 3: Check Other Security Settings
While you're in your email's security settings, it's a good idea to perform a thorough check to ensure no other malicious changes have been made. Look for things like recovery email addresses or phone numbers that aren't yours, and review recent activity logs.
- Review 'Recovery email' and 'Recovery phone' settings; remove any unfamiliar entries.
- Check 'Connected apps' or 'Third-party access' and revoke access for any apps you don't recognise.
- Look at your 'Recent activity' or 'Security events' – note any logins from unusual locations or devices.
Key takeaway
Finding and removing malicious email forwarding is a critical step in regaining control of your digital life after a security breach. By following these steps, you can put a stop to unauthorised access and better protect your personal information. Always stay vigilant and regularly check your email security settings.