By now, we've all received those phishing spam messages with little or no information in the Subject line, containing some innocuous message with a web address to click, more recently from someone we email.
Of course, we immediately delete the message and let the sender know they are spamming. I also include the following steps for them to take to rectify their hacked email account:
Looks like your xxx email may have been hacked - please do the following:
1: change your email password to something more complex - letters and numbers, no dictionary words.
2: change your xxx challenge questions and answers
3: put your own email address into your contacts list.
4: print off or export to a CSV file your contacts list - some versions of this virus will delete your entire address book after sending out spam in your name.
5: don't update this email address/password with any of your other social networking sites - they are very prone to hacking, and raid email accounts where this information is provided.
When setting a password, it's always best to make sure it isn't a dictionary word. Mixing numbers into your password - substituting 3 for e and 0 (zero) for o, for example - works for most sites password requirements. Longer is better. Combining words from different languages is another suggestion.