What to Do if You Think Your Email Has Been Hacked


It’s a sinking, awful feeling. That moment you try to log in to your email and your password suddenly doesn’t work. Or, a friend texts you, “Why did you send me that weird spam link?”

If you think your email has been hacked, your heart is probably pounding. I’ve been in the tech and security field for a long time, and I’ve seen this scenario play out countless times with clients. The good news is that if you act quickly, you can minimize the damage and reclaim your account.

The key is to not panic. Panic leads to mistakes. What you need is a clear, step-by-step plan. This is that plan.


First: How Do You Know for Sure?

Sometimes you get locked out, and it’s a clear sign. But other times, the hacker is sitting in your account silently. Before you hit the big red button, let’s confirm the symptoms.

You’re likely dealing with a hack if you notice any of these:

  • You can’t log in. This is the most obvious sign. The hacker has changed your password, locking you out.
  • There are emails in your “Sent” folder you didn’t write. Hackers use your account to send spam or phishing links to everyone in your contact list.
  • You receive replies to emails you never sent.
  • Your friends are getting suspicious messages from you. This is a huge red flag that your account is compromised.
  • You get security alerts about new sign-ins from locations or devices you don’t recognize.
  • Your account settings have changed. I’ve seen cases where the hacker sets up an email forwarding rule or changes the recovery phone number to maintain access.
  • You’re receiving a flood of password reset emails for other services (like your bank or social media). This is a critical sign. It means the hacker is using your email to try and take over your other accounts.

If any of these sound familiar, assume you’re hacked and move to the next step immediately.
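Two of the symptoms above (the flood of password reset emails and the outgoing mail you did not write) can be checked mechanically once you have your mail in front of you. The script below is an added example and is not part of the original post; it runs over a handful of constructed sample messages (built inline, not real mail), and the thresholds it uses (three services within an hour, ten or more recipients) are assumptions chosen for illustration, not any provider's rules.

```python
# Triage constructed mailbox samples for two symptoms: a burst of password-reset
# mail from several services, and sent mail the owner probably did not write
# (many recipients plus links). Sample data is constructed; thresholds are assumed.
import email
import re
from email import policy
from email.utils import getaddresses, parsedate_to_datetime

RESET_RE = re.compile(r"(reset|change) your password|password reset|verification code", re.I)
LINK_RE = re.compile(r"https?://\S+")

def make_message(sender, recipients, subject, date, body):
    """Build a raw RFC 5322 message string (constructed sample data)."""
    return (f"From: {sender}\nTo: {recipients}\nSubject: {subject}\n"
            f"Date: {date}\nContent-Type: text/plain; charset=utf-8\n\n{body}\n")

ME = "me@example.org"

# Constructed inbox: three reset/verification mails from three services in 15 minutes, plus noise.
INBOX = [
    make_message("Bank <no-reply@bank.example>", ME, "Reset your password",
                 "Tue, 02 Apr 2024 09:05:00 +0000", "Use the link below to reset your password."),
    make_message("Shop <security@shop.example>", ME, "Password reset request",
                 "Tue, 02 Apr 2024 09:12:00 +0000", "We received a reset request for your account."),
    make_message("Social <help@social.example>", ME, "Your verification code",
                 "Tue, 02 Apr 2024 09:20:00 +0000", "Your code is 123456."),
    make_message("Newsletter <news@example.com>", ME, "Weekly digest",
                 "Tue, 02 Apr 2024 10:30:00 +0000", "This week in gardening."),
]

# Constructed sent folder: one normal mail and one mass mailing with a link.
SENT = [
    make_message(ME, "friend@example.org", "Lunch?",
                 "Tue, 02 Apr 2024 08:00:00 +0000", "Noon at the usual place?"),
    make_message(ME, ", ".join(f"contact{i}@example.org" for i in range(12)),
                 "Important document", "Tue, 02 Apr 2024 03:14:00 +0000",
                 "Please review: http://invoice-docs.example/view"),
]

def parse(raw):
    return email.message_from_string(raw, policy=policy.default)

def reset_burst(raw_messages, window_minutes=60, min_services=3):
    """Return the largest group of reset/verification mails from at least
    min_services distinct senders that arrived within window_minutes; [] if none."""
    hits = []
    for raw in raw_messages:
        msg = parse(raw)
        if RESET_RE.search(str(msg.get("Subject", ""))):
            hits.append((parsedate_to_datetime(str(msg["Date"])), str(msg["From"]), str(msg["Subject"])))
    hits.sort()
    best = []
    for start, _, _ in hits:  # sliding window anchored at each hit
        group = [h for h in hits if 0 <= (h[0] - start).total_seconds() <= window_minutes * 60]
        if len({h[1] for h in group}) >= min_services and len(group) > len(best):
            best = group
    return best

def suspicious_sent(raw_messages, max_recipients=10):
    """Flag sent mail with many recipients or embedded links; returns [(subject, reasons)]."""
    flagged = []
    for raw in raw_messages:
        msg = parse(raw)
        headers = [str(v) for name in ("To", "Cc", "Bcc") for v in msg.get_all(name, [])]
        recipients = getaddresses(headers)
        body = msg.get_body(preferencelist=("plain",))
        links = LINK_RE.findall(body.get_content() if body else "")
        reasons = []
        if len(recipients) >= max_recipients:
            reasons.append(f"{len(recipients)} recipients")
        if links:
            reasons.append(f"{len(links)} link(s)")
        if reasons:
            flagged.append((str(msg["Subject"]), reasons))
    return flagged

if __name__ == "__main__":
    for ts, sender, subject in reset_burst(INBOX):
        print("reset burst:", ts.isoformat(), sender, "|", subject)
    for subject, reasons in suspicious_sent(SENT):
        print("suspicious sent mail:", subject, "|", ", ".join(reasons))
```

Any real mail client can export a folder as individual messages or an mbox file, which Python's `mailbox` module reads; feeding those raw messages into `reset_burst` and `suspicious_sent` in place of the constructed lists is the only change needed.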


Your Immediate 3-Step Action Plan (Do This NOW)

Time is your enemy here. You’re in a race against the hacker.

1. Change Your Password (If You Still Can)

If you still have access, don’t wait. Log in and change your password immediately.

  • Make it long and complex. Use a mix of upper- and lowercase letters, numbers, and symbols.
  • Do not use a password you’ve used anywhere else.
  • If you’re prompted, choose the option to “log out of all other devices” or “log out of all other sessions.” This will kick the hacker out, forcing them to try and log in again (which they can’t, because you just changed the password).

2. Regain Access (If You’re Locked Out)

If you can’t log in, the hacker has already changed your password. You must use the account recovery process right now.

  • On the login page, click “Forgot Password” or “Can’t access your account?”
  • Follow the prompts. This will usually involve sending a verification code to your recovery phone number or recovery email address.
  • This is why setting up recovery options before a hack is so critical. If the hacker has already changed your recovery info, you’re in for a much tougher fight and will likely have to contact the email provider’s support team directly.

3. Scan Your Computer for Malware

How did the hacker get your password in the first place? It’s very possible you have a virus or keylogger on your computer that stole it.

Before you do anything else, run a full, deep scan with a reputable antivirus and anti-malware program. If you just change your password on an infected computer, the malware will just steal the new one.


The “Deep Clean”: How to Fully Reclaim Your Account

Okay, so you’ve (hopefully) regained access and kicked the hacker out. You’re not done. Now you have to do the “digital forensics” to undo their damage and lock down your account.

Go through your email settings with a fine-tooth comb. I check these four places every time:

  1. Check Forwarding and Filters: Hackers love to set up a rule that silently forwards a copy of all your incoming mail to their own address. In Gmail, this is under Settings > See all settings > Forwarding and POP/IMAP. In Outlook, it’s Settings > Mail > Forwarding. Delete any forwarding addresses you don’t recognize. Also, check your “Filters” or “Rules” for anything suspicious.
  2. Review Recovery and Security Info: Go to your account’s security settings. Verify your recovery phone number and email address. The hacker may have added their own as a backdoor. Remove them and make sure yours are correct.
  3. Check “Sent” and “Trash” Folders: Look in your “Sent” folder to see what emails the hacker sent. You need to know what kind of damage you’re dealing with (spam? phishing your boss?). Also, check your “Trash” folder. Hackers often delete security alerts from your email provider to cover their tracks.
  4. Review Linked Apps and Devices: Go to the security section of your account (e.g., the Google Account or Microsoft Account page). Find the list of “recent devices” or “apps with access to your account.” Log out of any device you don’t recognize. Revoke access for any app you don’t know or trust.
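Step 1 above is easy to get wrong by eye when an account has dozens of filters. Gmail lets you export all filters as an XML file (Settings > See all settings > Filters and Blocked Addresses > Export), and that file can be audited programmatically. The script below is an added example, not code from the post; the XML layout it parses is assumed from such exports (Atom entries carrying apps:property name/value pairs such as forwardTo, shouldTrash and shouldArchive), the sample export is constructed, and the sender and keyword lists are illustrative assumptions.

```python
# Audit a Gmail filter export for rules an intruder typically plants: silent
# forwarding to an outside address, and rules that hide (trash/archive/mark read)
# security alerts or credential-related mail. Sample export is constructed;
# the export layout and the watch lists are assumptions.
import xml.etree.ElementTree as ET

ATOM = "{http://www.w3.org/2005/Atom}"
APPS = "{http://schemas.google.com/apps/2006}"

# Constructed sample export: one benign filter followed by two suspicious ones.
SAMPLE_EXPORT = """<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
  <title>Mail Filters</title>
  <entry>
    <category term='filter'></category>
    <title>Mail Filter</title>
    <apps:property name='from' value='newsletter@example.com'/>
    <apps:property name='label' value='Newsletters'/>
    <apps:property name='shouldArchive' value='true'/>
  </entry>
  <entry>
    <category term='filter'></category>
    <title>Mail Filter</title>
    <apps:property name='hasTheWord' value='invoice OR password'/>
    <apps:property name='forwardTo' value='dropbox-account@attacker.example'/>
    <apps:property name='shouldTrash' value='true'/>
  </entry>
  <entry>
    <category term='filter'></category>
    <title>Mail Filter</title>
    <apps:property name='from' value='no-reply@accounts.google.com'/>
    <apps:property name='shouldMarkAsRead' value='true'/>
    <apps:property name='shouldArchive' value='true'/>
  </entry>
</feed>
"""

# Domains whose mail should never be hidden by a rule: the providers' own alert senders (assumed list).
SECURITY_SENDERS = ("accounts.google.com", "account.microsoft.com", "appleid.apple.com")
# Words in a match condition that suggest the rule is hunting for credentials or money (assumed list).
SENSITIVE_TERMS = ("password", "reset", "verification", "security", "invoice")
CRITERIA_KEYS = ("from", "to", "subject", "hasTheWord")
HIDE_KEYS = ("shouldTrash", "shouldArchive", "shouldMarkAsRead")

def parse_filters(xml_text):
    """Return one dict per filter entry, mapping property name -> value."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    return [{p.get("name"): p.get("value") for p in entry.findall(APPS + "property")}
            for entry in root.findall(ATOM + "entry")]

def audit_filters(filters, trusted_domains=()):
    """Return (filter index, reason) findings for rules that look like intruder persistence."""
    findings = []
    for i, f in enumerate(filters):
        hides = any(f.get(k) == "true" for k in HIDE_KEYS)
        criteria = " ".join(v for k, v in f.items() if k in CRITERIA_KEYS).lower()
        forward_to = f.get("forwardTo")
        if forward_to and forward_to.rsplit("@", 1)[-1].lower() not in trusted_domains:
            findings.append((i, f"forwards matching mail to outside address {forward_to}"))
        if hides and any(s in criteria for s in SECURITY_SENDERS):
            findings.append((i, "hides mail from a security-alert sender: " + criteria))
        if hides and any(t in criteria for t in SENSITIVE_TERMS):
            findings.append((i, "hides mail matching sensitive terms: " + criteria))
    return findings

if __name__ == "__main__":
    for index, reason in audit_filters(parse_filters(SAMPLE_EXPORT), trusted_domains=("example.org",)):
        print(f"filter #{index}: {reason}")
```

Every flagged filter still needs a human decision (a rule archiving a newsletter is fine; a rule trashing mail from the provider's alert address is not), so the script reports rather than deletes. Forwarding configured under Forwarding and POP/IMAP rather than inside a filter does not appear in this export and still has to be checked by hand.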

The Aftermath: Notifying People and Securing Your Life

Once your email account itself is secure, you have two final responsibilities.

1. Tell Your Contacts

This is an awkward but necessary step. Send a new email to your contacts (or at least post on social media) letting them know you were hacked.

Example message: “Hey everyone, my email was hacked in the last 24 hours. If you received any strange links from me, please do not click on them and delete the email. My account is secure now.”

This rebuilds trust and prevents one of your friends from falling victim to the hacker’s phishing attempt.

2. Enable Two-Factor Authentication (2FA)

This is the single most important thing you can do to prevent this from ever happening again.

Two-Factor Authentication (2FA) means that even if a hacker steals your password, they cannot log in. To log in, they would also need a second “factor,” which is usually a temporary 6-digit code sent to your phone. Unless they have also stolen your physical phone, they are locked out.

It adds an extra 10 seconds to your login, but it’s the gold standard for security. Every major email service (Gmail, Outlook, Apple) offers it. Go turn it on. Right now. If you’re not sure how, this guide to 2FA from Microsoft and this one from the FTC are great places to start.
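To make concrete why a stolen password alone is not enough: the temporary code is computed from a secret that only your phone's authenticator app and the service hold, and it changes every 30 seconds. The following is an added example of that algorithm (TOTP, RFC 6238, built on HOTP, RFC 4226), not code from the post or from any provider; the secret is the RFC test secret, not a real enrolment, and the verifier class is a simplified illustration of the service-side check, including rejection of a code that has already been used.

```python
# Time-based one-time passwords: how the 6-digit code is derived and checked.
# Added example; the secret is the RFC 4226/6238 test vector secret, not a real one.
import base64
import hashlib
import hmac
import struct
import time

def secret_from_base32(text):
    """Authenticator apps are enrolled with a Base32 secret (the QR code); decode it to bytes."""
    cleaned = text.strip().replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding that apps usually strip
    return base64.b32decode(cleaned)

def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamic truncation, mod 10^digits."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret, at_time, step=30, digits=6):
    """The code the phone shows: HOTP where the counter is the current 30-second window."""
    return hotp(secret, int(at_time) // step, digits)

class TotpVerifier:
    """Service-side check: accepts a code within +/- window steps of clock drift,
    and never accepts the same time step twice (blocks replay of a sniffed code)."""

    def __init__(self, secret, step=30, digits=6, window=1):
        self.secret, self.step, self.digits, self.window = secret, step, digits, window
        self.last_counter = -1  # highest counter already consumed

    def verify(self, submitted, at_time=None):
        now = time.time() if at_time is None else at_time
        counter = int(now) // self.step
        for delta in range(-self.window, self.window + 1):
            candidate = counter + delta
            if candidate <= self.last_counter:
                continue  # that step was already used (or is older than one we accepted)
            if hmac.compare_digest(hotp(self.secret, candidate, self.digits), submitted):
                self.last_counter = candidate
                return True
        return False

# RFC test secret "12345678901234567890", as an authenticator app would receive it.
TEST_SECRET = secret_from_base32("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")

if __name__ == "__main__":
    print("code right now:", totp(TEST_SECRET, time.time()))
    verifier = TotpVerifier(TEST_SECRET)
    code = totp(TEST_SECRET, 59)
    print("first use accepted:", verifier.verify(code, at_time=59))
    print("replay accepted:", verifier.verify(code, at_time=59))
```

An app-generated code is computed locally from the stored secret, so it works without cellular service and is not tied to your phone number; a code delivered by SMS depends on the number instead, which is why providers list the app as the stronger option.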


Getting Your Bearings

I know this is a lot, and it’s stressful. Having your email hacked feels like a personal violation. But by following these steps, you can methodically take back control and make sure you’re buttoned up for the future.

The key is to move from panic to procedure. Secure the account, investigate the damage, and then build a stronger wall (with 2FA!) so it doesn’t happen again. You can sort this out.


Arya is a digital organization and productivity enthusiast with a background in UX design and a passion for helping people work smarter. She explores tools, apps, and systems that bring clarity to busy lives — all while keeping things beautifully simple. Outside her job, Arya recharges with minimalist journaling, indoor plants, and Korean dramas.
