In this article, we will explain what you should do if you think that your Sendinblue account was compromised.
How to know if your account was compromised
Here are some signs that can indicate that your account was compromised:
- Your credentials stop working. When trying to log into Sendinblue, an error message says that you used an incorrect email address or password. When encountering this error message, always double-check your credentials to ensure they are correct.
- Unfamiliar emails have been sent from your account. Sometimes, hackers don't change your password but take over your account to send spam emails or retrieve some of your information.
- You receive a lot of complaints from contacts. If you receive an unusual number of complaints from contacts reporting your emails as spam, this might indicate someone else is using your account.
- There are contacts in your contact lists that you don't remember adding. If you notice that additional contacts have been added to your contact lists, but you have not added them yourself, this might indicate someone else is using your account.
- You receive unexpected notification emails. If you have received a password reset email you did not request, or a notification from Sendinblue about a login attempt from an unknown device, someone may be trying to access your account.
What to do if your account has been compromised
If you think your account was compromised, create a ticket or contact us here to inform us. We will suspend your account to prevent any fraudulent content from being sent until you complete the following actions:
- Update your password.
- Delete your existing API keys and create new ones.
- Enable two-factor authentication (2FA) to add a layer of security to your account.
- Check your trusted devices to make sure you know them all, and remove any trusted device you may have a doubt about. Removing a trusted device will automatically end any open sessions on that device.
- Investigate the incident internally to understand how it happened and what you can do to prevent it from happening again in the future.
Possible reasons for a compromised account
There are a few reasons an account can be compromised:
- Your computer could have been infected with malware that records everything you type. All of your passwords, including your Sendinblue password, could have been stolen by a hacker. Run an antivirus scan to check.
- An external framework that you use (such as Laravel) could have been left exposed or misconfigured. Some of your passwords, including your Sendinblue password, could have been stolen by a hacker.
- A former employee who was granted access to your account in the past could have attempted to compromise your account or change your password.
- Your API keys and scripts could have been committed to a public repository on a Git hosting platform; any repository that contains them should be private instead.
- You could have configured your SMTP credentials in an email client like Thunderbird or Outlook. If you have, run an antivirus scan on that device to check.
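Two of the actions above, deleting and re-creating API keys and keeping keys out of public repositories, are easier to get right if the key never appears in the code in the first place. The following is an added example, not code from Sendinblue or from this article: it reads the key from an environment variable at runtime and includes a small checker you could run before committing to flag lines that embed a key or SMTP password. The `xkeysib-` prefix used in the first pattern is assumed here to be the shape of a Sendinblue v3 API key; the sample "scripts" are constructed for illustration.

```python
import os
import re
from pathlib import Path
from typing import Iterator, List, Tuple

# Patterns that suggest a credential was written directly into a file.
# The "xkeysib-" prefix is an assumption about Sendinblue key format; adjust to taste.
SECRET_PATTERNS = [
    re.compile(r"xkeysib-[0-9a-f]{20,}", re.IGNORECASE),
    re.compile(r"""(?i)\b(api[_-]?key|smtp[_-]?pass(?:word)?)\b\s*[=:]\s*['"][^'"]{8,}['"]"""),
]


def find_hardcoded_secrets(text: str) -> List[Tuple[int, str]]:
    """Return (line_number, matched_snippet) for each line that looks like it embeds a secret."""
    hits: List[Tuple[int, str]] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for pattern in SECRET_PATTERNS:
            match = pattern.search(line)
            if match:
                hits.append((lineno, match.group(0)))
                break  # one report per line is enough
    return hits


def scan_tree(root: str, suffixes=(".py", ".php", ".js", ".env", ".yml", ".yaml", ".json")) -> Iterator[Tuple[str, int, str]]:
    """Walk a project directory (skipping .git) and yield (path, line, snippet) for every hit."""
    for path in Path(root).rglob("*"):
        if ".git" in path.parts or not path.is_file() or path.suffix not in suffixes:
            continue
        try:
            text = path.read_text(errors="ignore")
        except OSError:
            continue
        for lineno, snippet in find_hardcoded_secrets(text):
            yield (str(path), lineno, snippet)


def load_api_key(env_var: str = "SENDINBLUE_API_KEY") -> str:
    """Read the key from the environment so it is supplied at runtime and never committed.

    Because the key lives outside the repository, rotating it after an incident means
    changing one environment variable rather than editing (and re-committing) code.
    """
    key = os.environ.get(env_var)
    if not key:
        raise RuntimeError(f"{env_var} is not set; refusing to run without a credential")
    return key


# Constructed sample: a script before and after the fix (the key value is made up).
BAD_SCRIPT = '''import requests
api_key = "xkeysib-0123456789abcdef0123456789abcdef"   # hardcoded: would leak if pushed
smtp_password = "hunter2hunter2"
'''

GOOD_SCRIPT = '''import os, requests
api_key = os.environ["SENDINBLUE_API_KEY"]   # supplied by the environment, not committed
'''


if __name__ == "__main__":
    for lineno, snippet in find_hardcoded_secrets(BAD_SCRIPT):
        print(f"BAD_SCRIPT line {lineno}: {snippet}")
    print("GOOD_SCRIPT hits:", find_hardcoded_secrets(GOOD_SCRIPT))
```

Run `find_hardcoded_secrets` over staged files (or `scan_tree(".")` over the whole checkout) before pushing; if it reports anything, treat that key as already exposed, delete it in Sendinblue, create a new one and move it into the environment.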
Best practices to prevent having your account compromised
- Use a strong password. You can check how secure your password is by heading to How Secure Is My Password. The site will let you know if your password is strong enough or if you should revise it to something more complex.
- Enable two-factor authentication (2FA). If someone signs in from a new or unauthorized device, they will also have to provide a code that is sent only to you, by SMS or through an authenticator app on your phone.
- Use a password manager. It is helpful to use a password manager to keep track of your passwords for you. Most password managers can even generate strong randomized passwords for you.
- Install antivirus software. Regularly run antivirus scans on your device to check if your device is infected with adware or a potentially unwanted program.
- Only log into your account from your own device. If you have to use a public or shared device, make sure you log out afterward.
- Don't click suspicious links in emails or texts. Hackers often send links via email or text that look legitimate but allow them to steal your information once clicked on. As a general rule, never open links or download attachments from unknown senders.