Here are some general security tips to keep your email account safe.1. Use a unique password for your email that you do not use anywhere else. The reason for this is pretty simple. Most websites when you register on them ask you to give them your email address. If you give that website your email address AND you use the same password that you used on your email login, you've just given that website access to your email account. Most websites are probably trustworthy. But what happens if that website gets hacked and someone steals all your registration information? Now some hacker has your email login information. So ALWAYS use a unique password for your email account that you do not use anywhere else.
2. Do not use a simple password. A simple password would be one that's only a few characters long and/or consist of simple words. Most hackers are not sitting in front of a computer typing in one password at a time. They have tools to automate it. So if your password is very short or consists of simple words, they can use a dictionary to guess your password. The best passwords are at least 10-12 characters long. Longer is even better. And it's good if it contains a mixture of letters and numbers. Even better if it contains letters, numbers and punctuation characters like $#@!%. Most passwords are case sensitive, which means mypassword is not the same as myPassWord. So mixing up the casing of the letters is another very good method to make your password hard to guess. The best passwords combine all of this into something called a pass phrase. A password implies a single word. A pass phrase is a combination of words.
So rather then having 'password' as your password, you would have 'this is my password' as your password, or pass phrase. And if you combine it with the other suggestions it might look like '@thiS is mY 1 passworD!'
3. Pick security question/answers only you know. Many websites ask you to set up security questions that you can answer if you ever forget your password, or login from a strange computer. These security questions can turn into security holes. If you pick a very simple question ' what is my favorite color' and pick an equally simple answer 'blue', it wont take very long for someone to guess your security answers. The best thing to do is to pick questions that only you would know the answer to. However, many sites don't allow you to type your own question, you have to pick one of their questions. And their questions are often questions that other people know the answer to. Like what school you went to, the name of your spouse, your first job etc. Those are all questions other people have the answers to and in many cases even strangers can find the answers to them by doing a little google searching. For example, if you have a linkedin account, your first job AND what schools you attended might be listed there. Your spouse might be listed on facebook or another social site.
So if you can't type in your own question, you can always give an answer that has nothing to do with the question or is completely made up. For example, if it asked what school you went to, you might say Startfleet Academy (although in my case my friends could guess I'd pick that answer). Or make up an answer that's completely random. Instead of Starfleet Academy, you could say apple pie. You just have to remember the answer you give. The key is to make sure it's an answer know one but you knows and no one could figure out.
4. Don't type your password into strange computers. It's basically the same as catching an STD. You don't know who else used that computer or where it's been. That computer could have a virus on it and as soon as you type in your password, it's recorded it and sent it off to some nefarious hacker who now has access to your account. This applies even to your friends computer, unless you are sure they are practicing safe computing.
How can you tell if you were hacked/if a friend was hacked?
6. You wake up one morning and suddenly find a bunch of returned messages in your email. This is a good sign your account may have been hacked. This could be because the hacker logged into your email and then sent out an email to EVERYONE you ever emailed before. Or at least everyone in your address book. Some of those emails might have gone to addresses that don't exist anymore, or might have been caught by spam filters. That's why you'll suddenly have a bunch of returned messages in your email.
Many email websites allow you to check and see all the places you logged in from. if so, take a look and see if there's a login from somewhere you've never been, or at time you know you weren't online. If you find a strange login or have an inbox full of returned messages, it's time to change your passwords and contact your friends and let them know not to click any links that were sent.
I strongly encourage you to see if your email provider has 2-step authentication. If not, I would switch to someone who does.