There are a lot of bases to cover here.
Who is your mail provider?
Absolute first step is updating your password to something long and memorable; long gone are the days of overly complex passwords that expire regularly. Think a sentence that is unique to you, or four randomised words joined by hyphens, for example:
IwasraisedinLondonbutmovedtoNewYorkandthenPasadena
or
Absolutely-bicycle-whitewater-aeroplane
Next would be to enable Multi-Factor Authentication on your mailbox - all modern email providers can provide this to you.
Next I'd make sure that there's no mail forwarding happening inside your mailbox, for example forwarding to an external address that you don't own. This is often one of the main aims of compromising someone's mailbox: to set up forwarding and quickly exit the mailbox, after which potentially confidential emails will be forwarded without your knowledge.
Malwarebytes is no bad idea to have on a Mac.
Bear in mind that your friend may just be receiving spoofed emails 'from you', i.e. where someone is impersonating you. He may not actually be receiving emails from you. Good that he's being vigilant though.