¿What to do if you think your email has been hacked?
Email is one of the most critical tools you use every day. If someone gains access to your inbox, they can not only read your messages but also reset passwords for linked accounts, steal your identity, or spread malware from your address. That’s why, if you even slightly suspect that someone may have accessed your email without permission, it’s crucial to act quickly.
Today, we’ll walk you through the step-by-step process of what to do if you think your email has been hacked.
1. Check for unauthorized access
Before panicking, try to confirm whether there really was an external login. Most email providers (like Gmail, Outlook, or Yahoo) offer a recent activity log. You can usually see details such as the location, IP address, device type, and time of access. If you notice any unfamiliar activity (like logins from unknown places or devices) it’s a strong indication that your account may have been compromised.
How to do it:
Gmail: Scroll to the bottom of your inbox and click on “Details” (bottom right corner). There you’ll see the recent IP addresses, locations, and devices that accessed your account.
Outlook: Go to account.microsoft.com > “Security” > “Sign-in activity.”
Yahoo Mail: Go to “Account Info” > “Recent activity.”
If you see sign-ins from unknown locations, unusual times, or devices you don’t use, it’s very likely that someone has accessed your account without permission.
Change your password immediately
If you still have access to your account, the first thing you should do is change the password to a new, long, and secure one.
¿What to keep in mind?
- Don’t use obvious passwords or ones you’ve used before.
- Combine uppercase and lowercase letters, numbers, and symbols.
- Avoid personal data (name, ID number, dates).
- If possible, use a long phrase that you can remember, but that’s hard to guess
Log out of all active sessions
Once you change the password, it’s ideal to log out of all active sessions to expel anyone who may have accessed your account.
How to do it:
- In Gmail, from “Details” (as in step 1), you can log out of all sessions except the current one.
- In Outlook and other services, look for the option “Sign out of all devices” or “Sign out of all sessions”
4. Enable two-step verification (2FA)
Two-step verification or multi-factor authentication adds an extra layer of security. Even if someone gets your password, they won’t be able to access your account without the second code.
¿How to activate it?
- In Gmail: Account Settings > Security > Two-step verification.
- In Outlook: Security > Advanced options > Two-step verification.
- Use apps like Google Authenticator, Authy, or your phone’s notification system.
Check your account settings
An experienced attacker may have changed certain settings to continue spying without you noticing.
Recommendations:
- Check if there are automatic email redirects to another address.
- Review if any recovery email addresses or phone numbers have been added.
- Check if the language or access options have been changed.
- In Gmail, also check the active filters, as they can automatically hide or forward emails.
6. Notify your contacts.
If you notice that emails were sent from your account that you didn’t write, it’s important to notify your contacts so they don’t click on links or open files from suspicious sources.
You can send a brief message like:
“Hi, it looks like my email account was compromised. If you received a strange message from me, please ignore it and don’t open any links. I’ve already taken steps to resolve the issue. Thanks!”
7. Check if your email was used on other sites
Many services are linked to your email (social media, banks, online stores, etc.). If your email was hacked, they could have taken the opportunity to request password resets and gain access to other services.
¿What to do?
- Log into the most important platforms where you have accounts and check for any unusual changes.
- Change the most critical passwords: online banking, social media, cloud storage, etc.
- Enable 2FA on all possible services.
8. Check if your email appeared in massive databreaches
You can use sites like HaveIBeenPwned.com to check if your email address was part of any known data breach.
If you appear in a breach, change the password immediately for that service and any other services where you use the same password (though it’s never recommended to reuse passwords).
9. Scan your devices for malware
In some cases, the issue may not only be with your account but also with your computer or phone. If you have a keylogger or trojan, the attacker will continue to have access even if you change the password.
¿What to do?
- Run a full scan with your antivirus.
- Also, use an anti-malware tool like Malwarebytes.
- If the problem persists, consider restoring the device to factory settings (after performing a backup).
10. Contact the provider's support if you’ve lost access
If you can no longer access your email account, you need to start the recovery process.
Each platform has its own system:
The more information you can remember (previous password, security answers, dates, etc.), the higher your chances of recovering it.
Learn how to solve these cases with Heimdall
Having your email hacked is serious, but if you act quickly and wisely, you can minimize the damage and regain control. The important thing is not to underestimate the situation: your email account is not a minor issue; it’s a potential gateway to all your other accounts.
If you’re interested in these topics and would like to learn more, follow us on our social media, as we’ll soon be launching a training course to prepare future cybersecurity professionals.
TU SEGURIDAD
EN BUENAS MANOS
Bundles
Información
¿Tienes alguna duda sobre los servicios? ¡Llámanos!
Heimdall Agency copyright © 2024. Todos los derechos reservados
Cyberattack on medical software also affects Santa Fe
Over 600,000 medical records leaked and new victims in the country’s largest healthcare data breach.
What began as an isolated case in private clinics in Córdoba has now been confirmed as a massive and expanding cyberattack that is also affecting medical institutions in the province of Santa Fe. The vulnerability remains the same: the medical software provider Informe Médico, compromised in a sophisticated supply chain attack that has put dozens of healthcare centers across the country at risk.
According to recent reports, over 665,000 medical records have been leaked, this time linked to clinics and hospitals in Santa Fe. This dramatically increases the number of victims and makes this breach the largest healthcare data leak in Argentine history.
The same provider, a new wave of victims
The pattern repeats itself: the attackers did not target clinics or hospitals directly, but instead compromised the system they use to process, store, and share clinical studies. From lab reports to radiological images, the stolen information is now circulating on underground forums on the dark web.
Santa Fe in the crosshairs
The impact on the province of Santa Fe is significant. Clinics that had until now trusted a system that seemed secure are now vulnerable, with their patients’ information exposed. Cybersecurity expert Rodrigo Álvarez, speaking to local media, warned that the data is already up for sale and that the current threat lies in identity theft and highly targeted phishing attacks.
“The attackers pose as the affected clinics. They use the logo, the name of a medical test, or a matching date. They call via WhatsApp or send messages to deceive the patient. That’s the new front of attack,” Álvarez warned.
What was leaked in this second wave?
- Medical studies (CT scans, ultrasounds, lab tests)
- Personal information of patients and healthcare professionals
- Medical records with diagnoses, dates, names, and treatments
Consequences and concerns
Although this is not a typical ransomware attack, the data extortion method proves to be even more dangerous. No systems were encrypted — information was stolen directly and is being sold for cryptocurrency, beyond the reach of traceability.
This new chapter of the attack reveals a structural weakness affecting the entire digital healthcare system in Argentina.
And it brings back the same unsettling question we asked just days ago:
Are we prepared to face a threat of this magnitude?
Massive cyberattack on healthcare center
Are your data protected?
A recent cyberattack on the medical services supply chain in Argentina exposed over 665,000 patient medical records, becoming the largest healthcare data breach in the country—and possibly in all of Latin America. This situation not only reveals a serious gap in digital infrastructure but also raises a key question for any organization:
¿Estamos preparados para enfrentar una amenaza de esta magnitud?
What happened: a compromised chain, thousands of victims
The attack was not directly aimed at healthcare centers, but at InformeMedico, a provider that digitizes medical studies such as CT scans, X-rays, ultrasounds, and lab tests. This type of attack, known as a supply chain attack, indirectly affects dozens of institutions that entrust their operations to third parties often unaware that their information may be left unprotected.
The result: the breach impacted 30 private clinics and medical centers, mainly in the province of Córdoba. Among them:
Centro Ginecológico Allende Pinto
Cañitas Salud
Instituto Gálvez
Sanatorio Privado Río Cuarto, among others.
What kind of attack was it?
This was not a traditional ransomware case. It was an even more stealthy and dangerous method: data extortion. The cybercriminals didn’t lock the systems instead, they stole the information and put it up for sale on underground forums, using internal currencies to avoid being traced.
What was stolen?
Personal data of patients and doctors
Medical test results
Information with potential for fraud, extortion, and identity theft
Why is it so serious?
Medical information is one of the most sensitive assets a company can handle. In the wrong hands, it can lead to:
Discrimination or stigmatization
Insurance fraud
Identity theft
Direct extortion of patients or professionals
Legal experts in digital law warn that current legislation does not provide sufficiently deterrent consequences for those who handle sensitive data negligently, and that the lack of a cybersecurity culture within the healthcare ecosystem worsens the problem.
How can these types of attacks be prevented?
As leaders in cybersecurity solutions, at Heimdall we know that prevention is more cost-effective and efficient than remediation. Here are some key recommendations for healthcare institutions and any organization handling sensitive data:
1. Third-party risk assessment
Thoroughly assess your vendors’ systems before entrusting them with data. A single weak link can jeopardize your entire chain.
2. Security policies and data encryption
Sensitive data must be encrypted at all times: in transit, in use, and at rest.
3. Segmented and controlled access
Apply the principle of least privilege. No one should have access to more than what’s strictly necessary.
4. Backup and incident recovery plan
Have a contingency plan that includes secure backups and rapid recovery.
5. Regular audits
6. Ongoing staff training
Human error remains the main entry point for attacks. Training saves data.
Conclusion: Cybersecurity is a shared responsibility
The case in Argentina is a warning for the entire region. Digital health cannot rely on unprotected technologies or providers without strict oversight.
At [Company Name], we help organizations shield themselves against these types of threats. We support you from the initial assessment through to the implementation of customized solutions and continuous monitoring.
Want to protect your company and sensitive data?
Contact us today and get a free consultation with our experts.
Source: Diario Perfil. Córdoba. Argentina
TU SEGURIDAD
EN BUENAS MANOS
Bundles
Información
¿Tienes alguna duda sobre los servicios? ¡Llámanos!
Heimdall Agency copyright © 2024. Todos los derechos reservados
Digital Scams: The Biggest Threat in 2025
The evolution of cybersecurity has advanced by leaps and bounds, but the techniques used by cybercriminals have also evolved. In 2025, digital scams represent one of the most critical threats for both individuals and businesses. The use of social engineering, artificial intelligence, and new fraud tactics makes even the most experienced users vulnerable to well-structured attacks.
Below, we highlight some of the most dangerous digital scams affecting millions of people worldwide and analyze how to protect yourself from these increasingly sophisticated threats.
Job Offer Scams
The online job market has grown exponentially, but so have scams related to fake job opportunities. Cybercriminals create enticing job listings on employment websites, social media, or send emails with job offers that appear legitimate.
How Scammers Operate
The most common scheme involves job offers with high salaries and minimal requirements. When the victim accepts, they receive a check or transfer for an amount higher than agreed. Then, they are asked to return the difference before the bank confirms that the check was fake, resulting in an immediate financial loss.
Another variation is the request for payment for “administrative processes,” such as medical exams, work licenses, or specialized software. Once the victim makes the payment, the supposed company disappears.
How to Identify Fraudulent Job Offers
Check the email domain: Legitimate companies use corporate domains, not free accounts like Gmail or Yahoo!.
Research the company: Look for information on Google and specialized forums.
Avoid upfront payments: No legitimate job offer requires payments for the hiring process.
Lottery Scams
Lottery scams remain one of the most widespread frauds. They rely on emails or messages informing the victim that they have won a million-dollar prize in a lottery they never entered.
How These Scams Operate
The email or message states that to claim the prize, the recipient must pay fees for insurance, taxes, or administrative processing. Additionally, they request personal information for supposed verification, exposing the victim to identity theft.
How to Avoid Falling for the Scam
- If you didn’t buy a ticket, you can’t win.
- Be wary of prizes that require upfront payments.
- Research the alleged company in fraud databases before providing personal information.
Estafas de beneficiarios
Also known as the “Nigerian Prince Scam,” this scheme has evolved with more sophisticated messages. It appears as a request for assistance in transferring large sums of money from abroad in exchange for a reward.
How These Scams Operate
Criminals use believable stories, such as blocked inheritances in international banks or persecuted businessmen needing to urgently transfer funds. To “unlock” the money, they ask the victim to make deposits to cover administrative or legal expenses.
How to Identify and Avoid These Scams
- Be wary of extraordinary stories promising great rewards with no effort.
- Never send money to strangers under any circumstances.
Always verify the sender’s identity and the existence of the supposed bank involved.
Charity Frauds
Scammers take advantage of natural disasters or humanitarian crises to solicit fake donations. They use fraudulent websites, emails, and social media to collect money that never reaches the real victims.
How These Scams Operate
They create fake charities with names similar to legitimate organizations.
They request urgent donations through hard-to-trace methods like cryptocurrencies or gift cards.
How to Avoid Being Scammed
Research the organization on official platforms like Charity Navigator or the FTC.
Avoid donations in cash or cryptocurrencies.
Ensure the website URL is secure and legitimate.
Tech Support and Repair Scams
An unexpected call from a “Microsoft technician” claiming to have detected a problem on your computer is often the start of this scam. Fake security alert emails may also be used.
How These Scams Operate
The scammer convinces the victim to install remote access software, allowing them to steal information and install malware. They then demand payment for the supposed “repair.”
How to Avoid These Attacks
No tech company will call you unless you have requested support.
Never grant remote access to your device to strangers.
Verify directly with the company through its official channels.
Social Media Scams
Social media is a breeding ground for scams, ranging from fake profiles to deceptive surveys designed to steal personal information.
How These Scams Operate
- Fake accounts send friend requests and then try to trick victims with malicious links.
- Fraudulent contests collect personal data under the pretense of entering a giveaway.
How to Protect Yourself
Do not accept friend requests from strangers.
Avoid clicking on suspicious links.
Use two-factor authentication (2FA) on all your accounts.
Robocall Scams
Robocalls have evolved to include voice phishing (vishing) tactics. Scammers impersonate banks, government agencies, and companies to steal sensitive information.
How to Protect Yourself
Do not provide personal information over the phone.
If in doubt, call the company directly using its official number.
Block and report suspicious numbers.
Text Message Scams (Smishing)
Smishing is phishing carried out through SMS or messaging apps. Scammers use alarming messages to trick victims into clicking on fraudulent links.
How to Avoid It
Do not respond to suspicious messages.
Verify directly with the company if the message is legitimate.
Use security apps to filter spam messages.
In 2025, scams continue to evolve and introduce new variations, making them increasingly difficult to detect. Therefore, if you want to keep your business protected, don’t hesitate to contact us at info@heimdallagency.com.
TU SEGURIDAD
EN BUENAS MANOS
Bundles
Información
¿Tienes alguna duda sobre los servicios? ¡Llámanos!
Heimdall Agency copyright © 2024. Todos los derechos reservados
Social Engineering Attacks: Intimate Videos
Online security is a growing concern for both businesses and individual users. Every day, cybercriminals develop new strategies to gain unauthorized access to personal and corporate data.
A recent case involving two 3D printer business owners is a clear example of how social engineering attacks can create panic and lead to rushed decisions.
Today, we’ll analyze what happened in this case, explain the techniques used by the attackers, and provide solutions to protect yourself from similar threats in the future.
The Email Blackmail Scam
The attack suffered by these entrepreneurs’ company was based on a social engineering technique called sextortion. In this type of fraud, attackers send an alarming email claiming to have gained access to the victim’s devices. They often assert that they have compromising evidence, such as private videos, to extort the victim into making a cryptocurrency payment.
The received message included the following tactics to instill fear in the recipients:
Email spoofing: Cybercriminals forged the sender’s address, making it appear as if the email came from the victim’s own account.
Credential exposure: A real password was included in the message, possibly obtained from a previous data breach.
Threat of private information disclosure: A supposed incriminating video was mentioned, which, in reality, did not exist.
Time pressure: A 50-hour deadline was imposed to make a Bitcoin payment.
The combination of these elements caused one of the entrepreneurs to panic and consider paying the ransom. However, their partner decided to act cautiously and consulted cybersecurity experts before making a decision.
How to Handle These Types of Attacks
It is essential to know the steps to take in the event of a digital extortion attempt to avoid falling into the trap and minimize any potential damage. Here are some key recommendations:
1. Do not panic and analyze the situation
The first step is to avoid reacting impulsively. Cybercriminals aim to create fear to provoke a quick, unthinking response.
Do not reply to the email or interact with any links or attachments.
Evaluate the content of the message and look for signs of fraud (grammatical errors, suspicious email addresses, demands for cryptocurrency payments).
Remember that attackers often rely on information from data breaches rather than actual access to your devices.
2. Verify if the account has been compromised
In many cases, cybercriminals obtain old passwords from leaked databases and use them to make their threats seem credible.
To check if your email address has been exposed in a data breach, you can use tools like Have I Been Pwned.
If your account appears in a breach:
Change your password immediately and avoid reusing old passwords.
Enable two-factor authentication (2FA) to add an extra layer of security.
3. Do Not Pay the Ransom
In any digital extortion attack, paying does not guarantee that the attacker will keep their word.
There is no way to ensure that cybercriminals will delete the alleged information after receiving the money.
Making a payment confirms that the victim is vulnerable to extortion, which can lead to more attacks in the future.
Contributing to these practices only encourages criminals to continue scamming more people.
4. Scan Devices with Up-to-Date Security Software
Although in this case, Manu and his team’s devices were not infected, it is always recommended to run a scan with an updated antivirus to rule out potential threats.
Additional measures to protect your devices:
Do not download files from unknown sources.
Avoid clicking on suspicious links received via email or messages.
Keep your operating system and software updated to reduce vulnerabilities.
5. Implement Security Best Practices in the Company
To prevent similar situations in the future, it is essential to establish security protocols in companies, especially when multiple people have access to critical accounts.
Some recommended actions include:
Use of password managers: Tools like Bitwarden or 1Password allow secure storage of credentials.
Access restriction: Only essential personnel should have credentials for business accounts.
Cybersecurity training: Educating all employees on how to identify phishing attempts and social engineering attacks is crucial.
Multi-factor authentication (MFA): Adding an extra layer of security, such as a verification code sent to a mobile device.
6. Report and Consult with Experts
If you receive a message of this kind, reporting it to cybersecurity authorities can help prevent future attacks.
At an international level Heimdall offers a cybersecurity helpline where experts can provide guidance.
Additionally, some email platforms, such as Gmail and Outlook, allow users to report suspicious messages so they can be blocked in the future.
TU SEGURIDAD
EN BUENAS MANOS
Bundles
Información
¿Tienes alguna duda sobre los servicios? ¡Llámanos!
Heimdall Agency copyright © 2024. Todos los derechos reservados