What to do if your email is hacked

Few things are worse than that sinking feeling when you realize your email was compromised. What did they manage to steal? What other accounts are in danger? Learning what to do if your email is hacked can help you act quickly and minimize the damage.

Below, we’ll go over some telltale signs of a hacked email, along with steps to recover and protect your account. We’ll also explain the most common tricks hackers use, what they can do with your email, and list practical tips to help you prevent future attacks.

Let’s get started!

How do I know if my email has been hacked?

Here’s how you can tell if another person has access to your inbox:

  • You’re unable to log in: Your usual password suddenly stops working, even though you’re sure you typed it correctly (or you use a password manager).
  • Unknown emails in your inbox: You notice messages in your inbox that you don’t remember receiving or sending. Hackers sometimes send spam or phishing emails from compromised accounts, and these can leave traces in your mailbox.
  • Login history shows unknown IPs: Most major email services show recent sign-in activity. If you see logins from unfamiliar locations, devices, or IP addresses, someone else may have accessed your account without permission.
  • Contacts report strange emails from you: Friends or coworkers may say they received odd messages, spam, or suspicious links from your address.
  • Password reset emails you didn’t request: If you see unexpected emails about password changes or account recovery, a hacker may be trying to reset your other accounts.
  • New forwarding rules or filters: Someone may add rules that automatically forward your emails to another address or hide certain messages. This lets them read incoming mail while keeping you unaware.

If you notice any of the above, don’t panic, but move on to the steps below to rectify the problem.
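To make the login-history check from the list above concrete, here is an added example (not part of the original article) that compares exported sign-in activity against the networks and devices you recognise. The log format, the sample lines, and the `KNOWN_NETWORKS` / `KNOWN_DEVICES` baseline are constructed assumptions; real providers present this data in their own layouts.

```python
import ipaddress
from collections import namedtuple

SignIn = namedtuple("SignIn", "when ip device")

# Constructed sample of exported sign-in activity: timestamp, IP, device.
# All addresses come from ranges reserved for documentation.
SAMPLE_LOG = """\
2024-05-01T08:12:00Z,198.51.100.23,Firefox on Windows
2024-05-02T19:40:00Z,198.51.100.77,Firefox on Windows
2024-05-03T07:55:00Z,2001:db8:10::5,Mail app on Android
2024-05-04T03:14:00Z,203.0.113.9,Chrome on Linux
2024-05-04T03:20:00Z,198.51.100.23,Chrome on Linux
"""

# Assumed baseline: networks and devices the account owner recognises.
KNOWN_NETWORKS = ["198.51.100.0/24", "2001:db8:10::/48"]
KNOWN_DEVICES = {"Firefox on Windows", "Mail app on Android"}


def parse_sign_ins(text):
    """Turn 'timestamp,ip,device' lines into SignIn records, skipping blanks."""
    records = []
    for line in text.splitlines():
        if line.strip():
            when, ip, device = (part.strip() for part in line.split(",", 2))
            records.append(SignIn(when, ip, device))
    return records


def review_sign_ins(text, known_networks, known_devices):
    """Return (record, reasons) for every sign-in that does not fit the baseline."""
    networks = [ipaddress.ip_network(n) for n in known_networks]
    flagged = []
    for rec in parse_sign_ins(text):
        addr = ipaddress.ip_address(rec.ip)
        reasons = []
        # An IPv4 address is never "in" an IPv6 network, so mixed lists are safe.
        if not any(addr in net for net in networks):
            reasons.append("unfamiliar IP address")
        if rec.device not in known_devices:
            reasons.append("unfamiliar device")
        if reasons:
            flagged.append((rec, reasons))
    return flagged


if __name__ == "__main__":
    for rec, reasons in review_sign_ins(SAMPLE_LOG, KNOWN_NETWORKS, KNOWN_DEVICES):
        print(rec.when, rec.ip, rec.device, "->", ", ".join(reasons))
```

The last sample line shows why the device matters as well as the address: the IP is familiar, but the device is not.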

What to do if your email is hacked

If you suspect your email has been hacked, take a deep breath and follow this checklist to secure your data, recover your account, and prevent further damage.

1. Run an antivirus scan

Before you rush to change your passwords, you need to make sure your device is free of any malware that’s letting hackers into your accounts. For instance, spyware could monitor and report your activity, while keyloggers can capture your keystrokes and steal credentials.

A full scan can take some time, but it’s worth it to go through every file and app. After it finishes, follow the recommendations to remove threats, restart your device if needed, and keep the antivirus updated so new malware doesn’t slip in while you fix your accounts.

2. Reset your email password

Once you confirm your device is clean, reset your email password right away to keep hackers out. Avoid reusing passwords from other accounts, and choose one that mixes letters, numbers, and symbols to make it harder to crack.

Alternatively, you can switch to a passphrase, which is both tougher to brute-force and easier to remember. You can also add a couple of special characters here and there to improve passphrase strength without making it too convoluted.

After resetting, log out of all devices and sign back in with your new password. Also, check for any forwarding rules or linked apps that the hacker could have set up. Removing these ensures they can’t keep reading or sending emails even after you change the password, giving you full control of your inbox again.
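The forwarding-rule check described here, and listed earlier among the warning signs, can be expressed as a small audit. This is an added example, not code from the original article; the rule export, its field names (`forward_to`, `mark_read`, `move_to`, `delete`, `match`), the addresses, and the `SENSITIVE_TERMS` list are all constructed assumptions rather than any provider's real schema.

```python
# Addresses the account owner controls (assumed for the example).
OWN_ADDRESSES = {"me@example.com", "me.backup@example.net"}
# Assumed keywords that suggest a rule is aimed at security notices.
SENSITIVE_TERMS = ("password", "security", "verification", "sign-in")

# Constructed rule export; the schema is hypothetical.
RULES = [
    {"name": "Newsletters", "match": "from:news@example.org", "move_to": "Reading"},
    {"name": "Backup copy", "match": "", "forward_to": "me.backup@example.net"},
    {"name": "sync", "match": "", "forward_to": "collector@mail.example"},
    {"name": ".", "match": "subject:(password OR security alert)",
     "mark_read": True, "move_to": "Archive"},
]


def audit_rule(rule, own_addresses=OWN_ADDRESSES):
    """Return a list of findings for one rule; an empty list means nothing odd."""
    findings = []
    target = (rule.get("forward_to") or "").strip().lower()
    if target and target not in own_addresses:
        findings.append(f"forwards mail to {target}, which is not your address")
    # A rule hides mail if it deletes it, or marks it read and files it away.
    hides = rule.get("delete") or (rule.get("mark_read") and rule.get("move_to"))
    if hides:
        findings.append("hides matching mail from the inbox")
        match = (rule.get("match") or "").lower()
        if any(term in match for term in SENSITIVE_TERMS):
            findings.append("targets security or password notices")
    return findings


def audit_rules(rules, own_addresses=OWN_ADDRESSES):
    """Map rule name -> findings, for rules that have at least one finding."""
    report = {}
    for rule in rules:
        findings = audit_rule(rule, own_addresses)
        if findings:
            report[rule["name"]] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit_rules(RULES).items():
        print(f"Rule {name!r}:")
        for finding in findings:
            print("  -", finding)
```

Any rule this flags is one to delete or confirm you created yourself before treating the account as recovered.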


3. Change your other account passwords

Changing passwords on accounts linked to your email is essential because hackers can use email access to reset other passwords. Start with banking, cloud storage, and social media accounts, then move on to less critical accounts.

Use strong, unique passwords everywhere, and consider a password manager to keep them organized. If you already use one, make sure to update your credentials.

4. Warn your contacts that your email was hacked

Warning your contacts helps prevent them from falling for spam or phishing messages sent from your account. Send a simple note explaining that your email was hacked, and ask them to ignore any suspicious messages that came from you recently.

Of course, hackers may have already gotten to your messaging or social accounts, so it’s worth checking those out for any warning signs.

5. Review your email recovery options

Reviewing your email recovery options ensures you can regain access if hackers try to lock you out. Check that your backup email and phone number are up to date and remove any that look unfamiliar or suspicious.

You should also check your two-factor authentication (2FA) and save any backup codes your provider gives you. These codes help you sign in if you lose access to your phone or your usual 2FA method, so store them somewhere safe.

6. Notify your email service and authorities

Contact your email provider after a hack so they can block suspicious activity and guide you through recovery. Most providers have a process for reporting hacked accounts and can flag unusual logins or messages for review.

You should also notify local authorities or anti-fraud agencies (like the FTC’s ReportFraud) if you have any sensitive emails that could lead to identity theft.

7. Request a credit alert

Contact local credit bureaus (like Equifax, Experian, and TransUnion in the US) and request a credit alert if your email contains financial or personal info. They’ll be able to flag any suspicious activity and place a fraud alert on your credit file so lenders can verify your identity before approving new accounts.

Alternatively, you can freeze your credit to block new requests entirely until you’re in the clear.

8. Set up a new email address

Setting up a new email address gives you a fresh start and reduces the chance of repeated attacks on a compromised account. Move important contacts and subscriptions over, and avoid reusing passwords or recovery info from the hacked account.

Use your new email for sensitive accounts and important communication, and create temporary or secondary emails for non-essential services.

9. Consider identity theft protection

Consider identity theft protection if your email contains personal or financial information. Identity theft protection services monitor credit reports, dark web leaks, and public records for signs that someone is using your identity. They’re useful as an early warning so you can respond quickly before criminals can misuse your info.

How do hackers get your email? Common methods

Attackers may exploit your everyday habits or security gaps to hack your email. Here are some of the most common methods they use to access your accounts:

  • Phishing scams: Fraudsters may send fake emails that look like messages from banks, services, or your coworkers. If you click a link and enter your login details on the fake page, they capture your credentials and sign in to your account.
  • Data breaches: When a website suffers a breach, attackers may leak or sell user databases that include email addresses and passwords. If your details appear in one of these leaks, hackers can try to log in to your email account.
  • Reusing passwords: Using the same password across multiple sites increases the risk of getting hacked. If one account gets exposed in a breach, attackers can try that password on your email and other services to see where it works.
  • Active sessions on public devices: Signing in on a shared or public computer can leave your account exposed if you forget to log out. Anyone using the device later may still have access to your inbox or account settings.
  • Credential stuffing attacks: Attackers take large lists of stolen email and password pairs and test them across many services. If you reuse the same credentials elsewhere, automated tools may successfully log in to your email.
  • Unencrypted public Wi-Fi: Open public networks can expose your data if the connection is not secure. Someone on the same network may intercept login details or monitor traffic when you sign in to your email.
  • Installing malware on your system: Malicious software like spyware or keyloggers can record your keystrokes and activity. Once installed, it can capture your email password and send it back to attackers without you noticing.

What can hackers do if they get your email?

Once someone gets access to your email, they can read your private messages and search your inbox for useful information. Many accounts rely on email for password resets, so attackers often use that to take over your social media, shopping, or banking accounts.

Things like invoices, account numbers, or documents can also help them commit fraud, open accounts in your name, or build more targeted phishing attacks.

Moreover, they can send emails from your address, which makes scams look more convincing. You probably wouldn’t think twice about clicking a link, opening an attachment, or sharing personal info with a trusted contact, and that’s exactly how they get you.

How to prevent hackers from stealing your email

Knowing what to do if your email is hacked can help you stay calm and act fast, though prevention is still the best approach. Here’s how to keep your accounts safe:

  • Create strong, unique passwords: Yes, it can be a headache to follow all the requirements websites impose (capital letters, numbers, symbols, ancient runes, etc.), but a password manager can generate compliant passwords and store them securely.
  • Set up two-factor authentication: Authenticator apps are preferable to SMS-based 2FA (as your phone texts can be intercepted by attackers), but any method is better than nothing.
  • Periodically review and close inactive emails: Check old accounts you no longer use and close them. Hackers target forgotten emails because they often have weaker security or outdated recovery info.
  • Use custom blocking and filtering rules: Set up filters to block unwanted emails or suspicious senders. This reduces spam more than your provider’s defaults and keeps phishing or scam messages out of your main inbox.
  • Sign up with temporary emails: Use throwaway emails for newsletters, promotions, or sites you don’t fully trust. This keeps your main inbox cleaner and reduces the risk of exposing sensitive accounts in a breach.
  • Avoid public Wi-Fi without a VPN: Open networks let others on the same connection potentially intercept your logins. A secure VPN encrypts your traffic and protects your email details from prying eyes.
  • Watch out for phishing attempts: Be careful when clicking links or opening attachments, even if the sender looks legit. Double-check you’re on the right website, or bookmark your sensitive accounts and log in from there.
  • Keep your devices and apps updated: Install updates and security patches for your phone, computer, and apps. Updates fix vulnerabilities that hackers could exploit to gain access to your email.

What to do if your email is hacked: FAQs

What is the first thing you do when you get hacked?

When you get hacked, the first thing you should do is run a full antivirus scan on your device. This’ll catch any malware or keyloggers that could be giving hackers access. After that, focus on securing your sensitive accounts with a new password and checking your recent activity for anything unusual (like strange emails in your Sent folder).

Who do I contact if my emails have been hacked?

If your emails have been hacked, contact your email provider right away to report the breach and get help securing your account. You should also alert friends or contacts if suspicious messages were sent from your address, and consider notifying local authorities if you believe hackers stole any sensitive info.

Will changing my email password stop hackers?

Changing your email password can stop hackers from continuing to access your account, but it only works if you remove any malware from your device first. Make sure to choose a strong, unique password, and to fully lock out intruders, update the passwords and enable 2FA on any accounts that use the same login.

Should I delete my email if it was hacked?

You don’t always need to delete your email if it was hacked. You can usually recover it by resetting your password, resetting your recovery options, and checking for suspicious activity. Deleting should be a last resort if the account is completely compromised or tied to sensitive info you can’t secure.