What To Do If Your Email Is Hacked?

Unsure what to do if your email has been hacked? This article will run you through how to tell if you have been pwned and how to act upon it using an inbox organizer called Clean Email.

What Are Hacked Emails?

When we say an email is hacked or compromised, it means a cybercriminal has gained unauthorized access to your email account. This isn't some rare occurrence reserved for celebrities—it can happen to anyone.

Hackers target email accounts because they often hold a treasure trove of valuable data, including financial information like bank statements, credit card details, or online shopping receipts. They could also find personal details such as your address, phone number, or even social security number.

Hackers often try to use a compromised email account to reset passwords for other services, like online banking or social media, giving them access to even more sensitive information. Criminals can use a hacked email to send spam, phishing emails, or malicious attachments to your contacts, potentially harming others.

How Does Email Get Hacked?

The realization that your email has been hacked can be seriously alarming. Unfortunately, it's a common scenario affecting many individuals because the large quantities of personal information, including login details, financial records, and personal correspondence stored in email accounts, are highly valuable to cybercriminals.

But how do email accounts actually get hacked? Well, there are several methods through which cybercriminals gain unauthorized access to email accounts:

  • Phishing scams: These deceptive emails or websites trick you into revealing your login credentials or personal information.
  • Malware: Clicking on malicious links or downloading infected attachments can allow malware to infiltrate your device and steal your password.
  • Weak passwords: Passwords that are easy to guess (e.g., birthdays, “123456”, simple words) are more vulnerable to hacking.
  • Data breaches: If a website or service where you've used your email address suffers a data breach, your credentials could be exposed.
  • Insecure Wi-Fi connections: Public Wi-Fi networks often lack adequate security, making your data susceptible to interception.

How Do I Know if My Email Has Been Hacked?

Okay, so there are multiple options for cybercriminals to sneak their way into your inbox, but how can you tell if they've succeeded? Watch for the following signs, which might indicate your email has been compromised:

  • Suspicious activity: Emails sent from your account without your knowledge, deleted messages, or changes to your settings could be signs of a hack.
  • Unexpected account changes: If your account settings or personal information have been altered without your knowledge, this is a red flag.
  • Security alerts: Notifications about logins from unknown devices or locations are a significant warning sign.
  • Password change requests: If you receive password change requests that you didn't initiate, it could mean someone else is trying to gain control of your account.
  • Data breach alerts: Websites like Have I Been Pwned? can notify you if your email is found in data breaches. Even better, Clean Email's Privacy Monitor tool proactively scans for data breaches, providing timely alerts that let you know if your email address has been compromised.

Should Clean Email's Privacy Monitor detect your email address in any such database, an alert icon will appear next to Privacy Monitor in the left-hand navigation menu, indicating the number of potential compromises. Clicking on this icon provides detailed insights into the nature of the breaches, enabling you to take informed steps toward safeguarding your personal information.
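
When your provider lets you export account activity, the warning signs listed above can be checked mechanically. The following is an added example, not part of the original article or of Clean Email; the log format, field names, device names and the 24-hour window are assumptions, and the sample lines are constructed.

```python
import json
from datetime import datetime, timedelta

# Constructed sample of an account-activity export (JSON lines). The field
# names and values are assumptions for this example, not a provider's format.
SAMPLE_LOG = """\
{"ts": "2024-05-01T08:02:11Z", "event": "login", "device": "laptop-home", "country": "US"}
{"ts": "2024-05-03T02:41:50Z", "event": "login", "device": "unknown-android", "country": "BR"}
{"ts": "2024-05-03T02:44:07Z", "event": "settings_change", "detail": "forwarding address added"}
{"ts": "2024-05-03T02:50:30Z", "event": "mail_sent", "detail": "212 recipients"}
{"ts": "2024-05-03T03:05:12Z", "event": "password_change_request", "detail": "linked shopping account"}
{"ts": "2024-05-04T09:15:00Z", "event": "login", "device": "phone-personal", "country": "US"}
{"ts": "2024-05-10T18:30:00Z", "event": "settings_change", "detail": "signature edited"}
"""

KNOWN_DEVICES = {"laptop-home", "phone-personal"}  # devices you recognise
KNOWN_COUNTRIES = {"US"}                           # places you normally sign in from
WINDOW = timedelta(hours=24)                       # how long a bad login taints later activity
FOLLOW_UP = {"settings_change", "mail_sent", "mail_deleted", "password_change_request"}


def load_events(log_text):
    """Parse JSON lines and return the events sorted by timestamp."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    for event in events:
        event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return sorted(events, key=lambda event: event["ts"])


def triage(log_text):
    """Return (timestamp, reason) pairs for activity that matches the warning signs."""
    findings, bad_login = [], None
    for event in load_events(log_text):
        when = event["ts"].isoformat()
        if event["event"] == "login":
            if event["device"] not in KNOWN_DEVICES or event["country"] not in KNOWN_COUNTRIES:
                bad_login = event["ts"]
                findings.append((when, "login from unknown device or location"))
        elif event["event"] in FOLLOW_UP and bad_login and event["ts"] - bad_login <= WINDOW:
            detail = event.get("detail", "no detail")
            findings.append((when, f"{event['event']} ({detail}) soon after a suspicious login"))
    return findings


if __name__ == "__main__":
    for when, reason in triage(SAMPLE_LOG):
        print(when, reason)
```

The later signature edit is not reported because it falls outside the window that follows the unrecognised sign-in.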


What To Do When Your Email is Hacked

If you have figured out your email address has been hacked, you need to act quickly. Here are seven essential tips on what to do if a scammer has your email address to help you regain control of your account, minimize damage, and protect yourself from further attacks:

1. Change your password

Your top priority when dealing with a compromised email address should be to change your password and secure your account. Make sure to use a password strength checker to create a strong password. Aim for a minimum of 12 characters, including a mix of lowercase, uppercase, numbers, and symbols. You can save the new password in a password manager to ease the burden of remembering it.

Once that’s done, you should consider activating the Screener feature in Clean Email. This tool acts as an intelligent gatekeeper for your inbox. Should your credentials become compromised, Screener helps prevent a flood of spam, phishing attempts, and other malicious emails from overwhelming you by temporarily intercepting all messages coming from new senders and keeping them quarantined for your review.


2. Enable two-factor authentication

After changing your password, the next step in securing your hacked email is to enable Two-Factor Authentication (2FA), one of the most important email security best practices. This security measure adds an extra layer of protection beyond just your password.

With 2FA, even if a hacker obtains your new password, they would still need access to a second piece of information—usually, a code sent to your mobile phone or generated by an authenticator app—to log in to your account.

To enable 2FA, log into your email account and navigate to the account or security settings. There, look for the 2FA option and enable it. Most services offer multiple ways to receive your 2FA code, with SMS-based codes being the weakest one due to their susceptibility to SIM-swapping attacks.

3. Contact your mail service provider

Most mail service providers will help if your email was hacked. Google allows you to recover your Gmail account and change your password.

Google now also encourages you to set up two-factor authentication to stop someone else from trying to log in again. With two-factor authentication, you log in to your account with your password and then a one-time code that is sent to your phone (check out how to choose the best authenticator app).

4. Let your contacts know

Immediately inform your email contacts that your account has been compromised and someone has been using your email address. This helps them avoid falling for phishing scams, harmful links, or hackers’ attempts to trick them into sending money. Emphasize that they should ignore any suspicious-looking emails sent from your address while the situation is being resolved.

Understandably, you might be reluctant to share this information due to embarrassment or fear of losing trust. However, honesty is the best policy in this situation. By being upfront, you empower your contacts to protect themselves and minimize the damage the hacker can cause.

5. Complete a virus and malware scan on devices

Your email might have been compromised in several ways, including a data breach at a company where you have an account or malware lurking on your devices. That’s why you should use a reputable antivirus or anti-malware software to scan all your devices (computers, phones, tablets).

If the scan detects malware, follow the software's recommendations for removal. After removing malware, we recommend you keep the anti-malware software installed and enabled to take advantage of its real-time protection.

6. Check all accounts

Hackers often try to use a compromised email account to access other online services where you might have reused the same password. To prevent this from happening, we advise you to immediately change passwords for your most important accounts, such as online banking, financial platforms, social media, and any websites storing sensitive data like credit card information or your address.

Wherever possible, review recent account activity and activate 2FA for your accounts. Just like with your email account, 2FA adds an extra layer of security in addition to your password. Yes, it will take you a bit more time to log in, but that’s a small price to pay for enhanced security.

7. Restore your emails from a backup

If you've noticed that emails have gone missing during the period your account was compromised, it's important to try and recover them. Here are some of your recovery options:

  • Check your trash folder: Start with the simplest step by looking in the Trash folder of your email account. If the hacker deleted emails, they might still be in the Trash, where you can recover them directly.
  • Use a local PST file: For users of email clients like Microsoft Outlook that store emails in a local file (PST file for Outlook), you may be able to recover your emails from there. These files contain all your emails up to the last time your email client synced with your email server.
  • Ask senders to resend emails: If all else fails and you know which emails are missing, you can reach out to the senders and politely ask if they can resend the emails. Most people will understand and comply, especially if you explain the situation.

And if your effort to restore lost emails doesn’t yield immediate results, remember that it's not the end of the world. The most important thing is that you've taken action to secure your account and minimize the damage. From now on, focus on staying vigilant and proactive with your email security to prevent similar situations.

Secure Your Inbox and Protect From Spammers with Clean Email

As explained earlier in this article, a swift response is key for securing your inbox and protecting against future spam and scam attempts. Clean Email is an invaluable tool in this recovery and protection process, offering a collection of useful privacy, security, and inbox management features in a convenient and mobile-friendly package, with dedicated apps for iOS and Android users.


As outlined earlier, features like Privacy Monitor and Screener offer immediate solutions for identifying potential breaches (via Privacy Monitor) and managing incoming emails from new senders (via Screener), thus preventing a flood of spam or phishing attempts from overwhelming your inbox. These tools are essential first steps in regaining control over your email security.

Beyond these initial measures, Clean Email offers further capabilities to enhance your email security and organization:

  • Unsubscribe from emails with Clean Email
  • Auto Clean feature with Clean Email
  • Automatically clears messages from flagged senders when they hit your inbox

Clean Email itself is highly security and privacy-oriented, so you can use it without the worry of your data being compromised.


What To Do If Your Email Is Hacked? - FAQs

What happens if a hacker gets your email address?

If a hacker obtains your email address, they may send spam and phishing emails from your account, damaging your reputation and deceiving your contacts. They can access sensitive information stored in your emails, including financial details or personal messages. Moreover, they might use your email to gain access to other online accounts, especially with reused passwords, and delete your messages and attachments just to cause trouble.

Should I delete my email if it was hacked?

Deleting your hacked email account is usually unnecessary. The most important step is to regain control by changing your password and enabling two-factor authentication. You should also review your account settings for any unauthorized changes that might allow the same attackers to access your account again in the future.

How to tell if your email has been hacked?

Stay alert for warning signs of unauthorized access to your account. Suspicious activity within your account, like emails sent without your permission, messages mysteriously disappearing, or unexpected changes to your account settings, could be clear signs of a breach. Difficulty logging in could also suggest that a hacker has changed your password. Moreover, Clean Email’s Privacy Monitor feature can let you know if your email has been involved in a data breach.

What to do if your email was hacked?

Start by changing your password to a strong and unique one to prevent further unauthorized access. Next, enable two-factor authentication. Reach out to your email provider for assistance in securing your account further. Scan your devices for malware. Finally, inform your contacts about the breach to prevent them from falling victim to potential phishing scams based on emails that may appear to have been sent by you.

What is the first thing you do when you get hacked?

If you discover that your email has been hacked, the immediate step is to change your passwords, especially if it's clear that someone has been using your email address for unauthorized activities.
