How do I report the hijacking of my email that led to a theft?

A couple of months ago my email account was hijacked. My password was changed by the jerk so I had to answer my secret questions I'd set up and change my email password to a more difficult one, as per the coaching of AT&T technical support. Unfortunately, they didn't think to advise me to also change my secret questions (and it didn't occur to me either), so the same person answered my secret questions last week and hijacked my email account again. This time he/she sent an email in my name to most of my contacts saying that I was stranded in London and needed funds to get home, eat, etc. Everyone understood immediately that this was a hoax except for one 80-something year old client of mine. I found out the next day that she wired via Western Union almost $2,000 to this creep. In fact, she almost wired an additional $2,000 but was advised by Western Union that the request was fraudulent the second time. I feel terrible about her loss - I'm going to prepare her returns without charge for the next few years to put her back whole again. I hate losing the $2,000 but I can't stand the idea of her being swindled by anything that is associated with me, even to this extent.

All that to say, her husband wants me to notify our local police and file a report that my email was hijacked. I don't mind doing this but I can't see them being even vaguely interested. Could someone let me know who I should contact or if it's futile at this stage to do anything.

Thanks in advance for your help.

But still go ahead and do it anyway and give your clients copies of the letters. You can report to the FBI cyber-crime unit http://www.fbi.gov/about-us/investigate/cyber/cyber. I'd CC my ISP and local police as well.

and am going to file a police report tomorrow. Won't get my client her money back (gonna take some no pay tax return prep to take care of that), but it may help them come to terms with this.

Out of pocket, but it is also a very humane gesture towards an elderly client.

Banks here in Australia, who used to use secret questions to partly verify identity, stopped doing it a few years back because it was unreliable. Remember when Sarah Palin's email was supposedly hacked? The kid just Googled the answers to her 'secret' questions!

Are you using one of the Big Three online emails? If so I'd seriously consider changing to use either your ISPs email read through a secure mail client or one the the safer online emails such as Fastmail. I also have several email addies, all for different purposes; ie one for friends and family, one for financial transactions, a couple of throw-aways for web logins etc.

I actually tie in and use Outlook.

The questions I was using for my password were actually quite good - but if the creep can just check them out as you answer them they don't do a lot of good.

I'm going to give some thought to using different email addresses. This is just so different a way to approach things - I've always been extremely vulnerable because I'm "old school" and used the same pw and user name for everything (I know - totally stupid, but I thought I was too plain vanilla to be interesting to anyone). Boy was I wrong.