What To Do If Your Zimbra Email Account Is Compromised

It can happen to anyone. If it happens to you, the most important thing is to remain calm and simply deal with the issues as best you can. Most times when an email account is compromised it is a hassle but overall things tend to turn out fairly well.

If your email account administrators have reached out to you to notify you that your account was compromised, they have most likely locked the account to stop any further access until you complete some steps to help ensure your devices are secure and the account is ready to be opened up. Here are the most common things that need to be done.

1. Have an IT security professional do a security checkup on your device(s):

• Contact an IT security professional who can help you assess the security of your device(s). They can check for malware or viruses that may have caused the breach and provide recommendations on how to prevent future attacks. It is important to do this on all devices you use to access the affected email account.
• Make sure to also change the passwords for any other online accounts that may have used the same login credentials as your hacked email account.

2. Reach out to any contacts that may have been compromised and notify them not to open unexpected links or attachments:

• It's important to inform any contacts that may have received spam messages from your hacked email account to avoid opening any unexpected links or attachments, which may contain malware or viruses.
• You can also advise them to update their own passwords and review their own security if there is any concern they may have been targeted.

3. Install security software as needed:

• Depending on the results of your security checkup, you may need to install additional security software to protect your device(s) from future attacks.
• Some recommended security software includes anti-virus, anti-malware, and firewall software. Make sure to regularly update the software to ensure it provides optimal protection.

4. Other recommendations:

• Avoid clicking on suspicious links or downloading unknown attachments in the future.
• Consider if your email account login name is too simple. For example if your email is something like harry@mybusinessname.com and you use that as the username for your email account, consider changing it to something more unusual such as harry.stylish.433@mybusinessname.com instead. You can still send and receive email as harry@mybusinessname.com but now attackers are less likely to guess your username so they may have a harder time hacking your account.
• Regularly backup your important files and data to avoid losing them in case of another attack. For more information visit: https://www.silverservers.com/email-articles/how-to-backup-zimbra-email-and-upload-the-backup-file-into-thunderbird-for-offline-email-storage
• Stay up-to-date with the latest security news and best practices to better protect your device(s) and online accounts.
• For online accounts, check all of the forwarding and remote access settings to ensure there are no “back doors” set up to regain access to your account once the password is changed and access is restored.

Once you’re confident your devices are secure contact your email administrator. They will work with you to change your password and get you back into the account. Once you’re in, check through your folders and respond to any emails from real contacts as needed.

Find more related content on our blog about Email Support and Security topics