I have a web site on a shared apache server. It's very apparent that somebody is successfully hacking into my partners emails to try and get damaging personal info (nothing illegal). We only know this because these email show up in unexpected places.

I've contacted my web host and they see no problems on the server side of things.

We've been naive about this in the past and have not used any encryption or anything. I have no idea how these emails are being hacked but it's time to get smart :-)

So my question is where to start?

I'm checking into digital IDs and encryption. I'm still a bit vague on this stuff. Any good tutorials? What's the best to use?

Should I be concerned about trojans? We have virus detection but do we need some other way to check for hacker tools?

Any other suggestions would be great.

Thanks,
Tim