What to do if Your Email is Hacked

How Do I Know if My Email has Been Hacked?

It may not be immediately obvious that your email account has been compromised. Frequently, it is up to a person’s friends and family to let them know, often by sending a simple, terrifying message: “You’ve been hacked.”

Most people will keep the same email address for years; these accounts can accumulate lots of personal information and data about banking, credit cards, and other identifying information that a hacker can use to commit fraud.

Other clues that your email has been hacked include:

• Strange social media messages. If a hacker has gained access to your email account, they can usually log into your social media accounts by resetting your password. They may send strange messages to other people or make posts advertising products that you’ve never heard of. If you’re not constantly checking on your social media accounts, you may not notice that this has happened until it’s too late, or until a friend lets you know.
• All your sent messages have been deleted. If a hacker has taken over your email address and used it to send messages, they may try to cover their tracks by deleting all sent messages. Alternately, you may notice messages in your sent folder that you never wrote or sent.
• You can’t log in to your account. This is the ultimate tip-off that your account has been compromised. If your password is no longer working, you may have been locked out of your account.

Your Outlook can change everything

Spend less time organizing your life and more time enjoying it with Outlook

Learn more

How Do I Take Back Control of My Email Account?

The first thing you should do upon learning that your email account has been compromised is scan your personal devices for malware. These kinds of programs can give criminals access to more than just your email. Use antivirus software to ensure that no spyware or keyloggers are installed on your computers or mobile devices and make sure your operating systems are up to date.

Next, follow these steps to reclaim your account and secure it for the future:

• Change your password. If you’re able to access your account, you should change your password right away. Your new password should contain a mix of upper and lowercase characters, numbers, and special characters like the dollar sign. If you’ve been locked out, you may need to reach out to your email’s service provider to help get it back.
• Change your security questions. If a hacker has had access to your account, they may have found the answers to your existing security questions. Take the extra step and change them. Avoid questions that can be easily guessed or found by scanning your social media profiles.
• Warn your friends. If your account was compromised for any length of time, a hacker might have tried to trick your friends into downloading spyware onto their own devices. You should let your friends and family know what happened to you and warn them against any suspicious messages that were sent from your account during that time.
• Take stock of your account and look for tracks. Look through your account settings and make sure that a hacker hasn’t changed anything or embedded any nefarious links in an email signature. You’ll also want to make sure that your emails aren’t automatically being forwarded to another account.
• Report identity theft. If sensitive information like your social security number was compromised when your account was hacked, report it at the Federal Trade Commission’s Identity Theft site.

How Do I Keep From Getting Hacked in the Future?

Recovering your email account can be stressful and anxiety-inducing. Take steps to protect yourself and your identity by making it difficult for hackers to access your information in the future:

• Enable two-factor authentication. This can make it harder for people to break into your accounts. Two-factor authentication requires an additional factor like a fingerprint or a PIN to access your account. A smart idea is to enable it everywhere.
• Be wary of phishing scams. Think twice before clicking a link in an email or downloading an attachment. A phishing scam is a targeted email designed to trick you into giving up personal information or downloading malware. If the wording in an email is a little clunky or if something seems off, it may be a scam.
• Look for services with security. A service like Microsoft OneDrive can store your sensitive information in the cloud and keep it safe. It constantly monitors your account for suspicious activity and scans all downloads for threats.