Protecting Your Email Password Resets with a Spoof Account

Cybercriminals are becoming more and more creative when it comes to hacking you. Let’s just use one type of account as an example here—your banking account.

If you forget your banking password, you simply click on the “forgot password” link and the bank will send an email to the address on file. This address will have a link that you click to reset your password. Usually, this works simply and safely.

But what if your email itself has been hacked?

This means the bank sends your email a password reset, and the thief can then reset the password to something else entirely, that only they know. Now, the thief has access to your banking account and can even change your online profile and email address to block you out completely. Then they can do the same thing to every single one of your other accounts.

So how are hackers doing this?

One way is with spoofed email accounts. They can set up a very convincing email that looks exactly like it came from Google or Yahoo.

Once you click on the email and its accompanying link, it will take you to a spoofed page looking exactly like a log-in screen for that email. Once you log in by entering your password, they have you and can hold onto the password until they decide to use it.

What can you do to protect yourself?

One thing you should do is always follow strong email etiquette. Never open an email from someone suspicious or that asks you directly for your password.

But spoof accounts look legitimate. The best thing to do is always be skeptical. If it gives you any hints of being fake, don’t open it. Instead, contact your email customer support and ask them if the email is legitimate.

Another way to protect yourself is to set up two-factor authentication on your password accounts. When you log in, you must enter your password as normal. But then the website sends a text message with a code to your cell phone.

You take this code and enter it into the website to complete the log in. A hacker may be able to gain access to your email and passwords. But they won’t have your physical cellphone in their possession to complete the second part of the log in.

If you get a text and you haven’t attempted to log in, then you know you’ve been hacked.

Our passwords are the keys to our digital lives and livelihoods. If we lose these, we can be locked out of our emails, bank accounts, and files. And if someone else steals them, they can have free reign just as if you had handed your house keys over to a burglar. Just like street criminals are becoming smarter as new security is developed, so are cybercriminals. One of their tools may be the equivalent of having your door lock changed so that only they have the key.

We keep your website running efficiently, so you don’t have to. We offer flexible hosting service packages starting at $10.00 per month, with several packages to choose from that will accommodate your specific business needs. Find out more about us and our web hosting at If you need help building a custom, optimized website, visit our other site: We specialize in helping the little guy - small businesses - with their online presence.

Comments are closed.