Summary

1. (Successful phishing scams frequently result in compromised accounts.  Phishing is a term used to describe false emails sent from spammers claiming to be sent from a legitimate company (for example, EarthLink or well-known banks) and asking for your username and password. These emails may look quite authentic. 
   
2. Please note that legitimate email communications from EarthLink will direct you to MyAccount or chat or ask you to call Customer Support to take the desired action on your EarthLink account.   EarthLink will never ask you for your password in an email.  
   
3. If you receive a suspicious email where personal information such as your password is requested, you can ignore and delete it or report it as spam in Web Mail.  For step by step instructions on how to report spam via webmail, please visit:  How to Report Fraud, Junk and Spam.
   
4. Email usernames and passwords can be acquired from security breaches suffered by other service or product providers such as the recently publicized breach suffered by Sony. If you are using the same password for your EarthLink account as other accounts that were breached, then spammers may use this information to access your EarthLink email and send spam.  
   
5. You may have a virus on your computer that allows spammers to discover your email username and password.  Please read below to learn about anti-virus procedures that will help you protect your computer.
   
6. Choose your secret hint and word wisely.  You should not use an Answer that is readily available on the internet or through other sources.  Your secret word is often used to verify your identity when account changes are being made.  
   

To protect yourself, the first step is to run an anti-virus scan on your computer.  This can be done with any anti-virus program of your choice.  EarthLink offers a free anti-virus tool called Protection Control Center that can be downloaded from your MyAccount page at http://myaccount.earthlink.net.  Just click on the link under My Downloads.  We also offer industry-leading solutions from Symantec such as Norton 360 for a low monthly charge. Make sure that you update your anti-virus definitions before running a scan as it is important that you have the latest updates.

After running your anti-virus scan, you will want to immediately change your password and your account's Secret Word.

To change your Secret Word, log into http://myaccount.earthlink.net.  Click on your Primary email address and then click the Edit button next to Security Word.  There are several Hints available.  You will need to select one, but you do not have to use an Answer that is related to the Hint if you do not wish.  You should not use an Answer that is readily available on the Internet or through other sources in reference to yourself.  It is very important that you remember your Secret Word if you need to make future account changes.  You will need to verify your account with either your Secret Word or your Billing Information if you speak with an agent.  Click Save Changes and then OK.  

Next you will want to change your Email passwords. Click the Email Profiles link on the left side of the page to see all of your available email address. You can change your password by simply clicking on the email address and then click the Edit button across from Password to make a change. We recommend that you select an 8 to 12 character password. Make sure you use the maximum number of characters available and that your password is not something easy to guess. Do not reuse a previous password and avoid common passwords like trust, password, p8ssw0rd, or 1234. If your account has been compromised, you should repeat this process for each email address on your account.

Here are the specific requirements for all new passwords.  The more complex you make it, the harder it will before someone to compromise it later.