How do I know if my email was hacked? Warning signs and what to do

How do you know if your email has been hacked or comprised? And if it happens, how can you block cybercriminals and regain control of your account? Discover the most common signs of a hacker attack and what to do about them.

What are the signs of a hacked email account?

There are several different clues that tell you whether someone has tried – or succeeded – in gaining access to your email account:

1. Reports of spam coming from you

People saved in your email contacts keep telling you they’ve been getting spam from you. This can be a sign that someone has obtained access to your account. But before you spring to action, ask the affected person to mouse over the sender name of the spam message in question. If a different email address is shown instead of yours, it’s possible that someone is using your sender name but not your email address. This is called “spoofing,” and is not a sign that your account has been hacked.

2. Failed login notifications

You log in to your email account and see a notification that there have been several failed attempts to sign in. But you don’t recall any failed logins! It could be that hackers were trying to break into your account. Even if you are not sure if they actually succeeded, to be on the safe side you should still take the precautions below.

3. Login sessions you don’t recognize

Many email providers let you see all current logins to your account. In your mail.com account, go to Home > Manage Sessions to see the location and IP address of everyone who is currently logged into your account. If the location seems strange, like a different city or country than the one you are in, you can end that session manually by clicking the trash symbol on the right. Then follow the steps below.
Screenshot of Manage Sessions window in mail.com mailbox
Don’t recognize this login? You can manually terminate the session here.
 

4. Unable to access email account

You try to log in to your account with your password but receive an “Incorrect password” message. If you are 100% certain that you’re using the correct password, it’s possible that your account has been hijacked and your login credentials changed. Follow the password recovery process to reset your password. If you have not saved a contact email address or cell phone number for password recovery in your account settings, please contact customer support for assistance. Once you have regained access to your email account, continue with the steps below.

What to do if your email is hacked?

If you suspect or know that your email has been hacked, follow these five steps immediately:
  1. Change your password
  2. Run a virus scan
  3. Check your security settings
  4. Check your filter rules, Mail Collector and email aliases
  5. Consider activating two-factor authentication
Change your password immediately! A strong password is the best way to prevent future email hacks.

Next, perform an antivirus scan – but first make sure your security software is up to date. If you don’t have an antivirus program, now is the time to install one! Be sure you run the scan on all devices you use to check your emails. If the scan turns up malware, follow the security program’s instructions to quarantine and remove it – and then change your password again, even you just reset it. Otherwise the hacker may get your new password as well.   

Now you should double-check your account’s security settings. In particular, make sure your password recovery options are up to date and that your spam protection is activated.   

Finally, have a look at your account’s filter rules, Mail Collector and alias addresses. Filter rules and mail collector tools can be used by hackers to forward your emails without you even noticing, so make sure no new setup has appeared in your inbox. The same goes for your email aliases: If you find any addresses which you didn't configure yourself, please delete them immediately.
 
Good to know: Why it’s important to protect your email account

Think of all the things you use your email address for! If hackers get into your email account, this unlocks the door to many other accounts and devices, where they could:

1. Send emails from your address. With access to your account, a hacker can see all your contacts. This means they can send emails to your family, friends or business contacts in your name. This could include scams or phishing emails.

2. Access your online accounts. Your email address usually makes up 50% of your login credentials for online shops, social media sites, etc.; the other 50% is your password. Once a hacker has access to your email account, all they have to do is click “forgot password” on login page of the account they are trying to access and they will receive resulting password change email. Now they can reset the password and have full access to that account as well.

3. Steal financial information. If you use your email to send or receive information about your credit card or bank account, hackers can find that information inside your hacked account.

Given the potentially serious consequences of an email hack, it is extremely important to protect your email account with a secure password that you don’t use for any other accounts. If you would like to add an extra layer of protection, you can consider activating two-factor authentication. This means that even if someone manages to steal or crack your password, they won’t be able to log in without the six-digit code generated by your authentication app.

If you think your email has been hacked and need more help, please contact our customer support team.

We hope you found this article useful. We look forward to your feedback.
Person wearing hoodie types on laptop while looking at screen with the words Hacker Attack
The consequences of a email hacker attack can be serious

Images: 1&1/Shutterstock

This article originally appeared on June 2, 2021 and was updated on June 1, 2022.


 

278 people found this article helpful.

Related articles

All about email: Understanding, organizing & writing emails

What is a no-reply email – and what happens if you reply?

Out of office messages: Examples and what to avoid