Email hacking occurs when a hacker breaches into the email service provider, or uses social-engineering to trick the user into phishing websites or even make the victim give his password.
Danger comes from the fact that once the hacker has access to your email he can read all of your messages, including ones for website registrations, since many of the websites require your email and password to log in. There are even websites which give you a random password, by email. If you didn’t change your password after registration, then you could be in trouble, since the hacker could enter the website, and do actions with YOUR profile.
Attack surface
The attacks could be made on the user and on the service, or even, in a public space. How many times you’ve connected to open WI-FI networks which you don’t know?
Attack on users
For social-engineering the person is trying to impersonate somebody else for convincing you to share you password with them, or give them access to your computer. This is most common in tech-support scams which run as follows, somebody calls you without knowing you, saying they’re from reputable company and that have detected you have a virus on the computer. They want remote access to the computer so they can examine and remove the virus so your computer can be safe. In the meantime they will ask you to leave your computer unattended. Their emails can also be spoofed in order to appear more credible, such as small typos in the domain name to appear if the scammer is from the credible company.
For phishing, the scammer will trick you into clicking on a link seemingly for a website which you are using, for example, a banking website, or a website for shipping status. The look-alike website will then ask you to log in to see your information, which after logging in will redirect you to the actual website, so that you don’t notice what happened.
Public spaces
If you’re connecting to any networks, such as VPN, proxies, open WI-FI networks, you run the risk of somebody listening in the middle between you and the website you’re visiting. Although with the use of HTTPS (S stands for secure) the hackers can’t see the information in plain sight, they could see to where you are connecting, and in some cases to extract the needed information to log in as you or listen to your traffic, for example, when you’re logging in the mail service.
Breaching
Attack on the provider itself, if successful could mean that the hacker can export the whole database which contains all emails and the information stored for the user. Given the fact that a lot of email services now request from the user other than the email name for creation, they hackers could get access to first and last name. Often as a security measure the passwords are encrypted or even for even more secure hashed, which protects the users from hackers which now know their email and want to try the password to all of the known services. Although this protection from seeing the password is very hard to breach, at least for now, it does not mean that the hacker cannot create a dummy account and change your password with the dummy account, which he knows the password for.
Prevention
A simple prevention is to not connect to network which you’re not don’t personally know the owner of, or that have some typos in their name.
To protect against breaching you can rotate your passwords, that is, change them frequently, and to now use a single password for all services.
Against phishing and social-engineering, do not reply or engage in conversations with emails which you’re not familiar with, or which have typos in their domain, or that want you to click on a link to verify something out of the blue, for example, to verify your bank account, although you have it for years.