A friend of mine fell prey to a scammer and her email account got hacked.
They gained access to several of her online accounts and did a lot of damage.
Once someone gets access to your email account, they can click “Reset Password”
on any other site you use to gain control of it too. Consider setting up your
email and Facebook accounts to send a code to your phone whenever someone tries
to login from a new computer or device. This is called
“Two-Factor Authentication” or Two-Step Verification”. It requires something
you know (your password) and something you have (your phone) before you are
granted access on an unrecognized device. Here are links to pages where you
can setup two-factor-authentication for a few popular services:
Gmail: https://support.google.com/accounts/bin/answer.py?hl=en&answer=180744
Yahoo Mail: https://edit.yahoo.com/commchannel/sec_chal_manage
Facebook: https://www.facebook.com/settings?tab=security§ion=approvals&view
Dropbox (Click “Security” after sign-in): https://www.dropbox.com/account#security