My email has been hacked! What should I do next?
A hacked email account is a gold mine of personal data for cybercriminals and, potentially, a key to all your other accounts. Considering how many online accounts are tied to your email address, including online banking and online shopping, recovery from an email hack is highly time-sensitive. You'll have to act fast and carefully to minimize the damage to your identity and finances, as well as the impact on the people around you. Read on to find out what to do if you're the victim of an email hack and how email hacks happen.
What to do if your email is hacked?
So, what do you do if a scammer has your email address and has hacked your account? Here are the steps you can take to protect yourself:
1. Run your antivirus program
As noted in the FTC's guide to hacked email accounts, the first action to take if your account is hacked is to run a comprehensive antivirus scan. Skip the "quick scan" setting in favor of a deep scan to identify and eliminate all forms of malware and potentially unwanted applications (including Trojans, spyware and keyloggers that could be tracking your keystrokes, even after the hack has been identified).
Hackers don't want access to your account so they can send your friends embarrassing messages; they're looking for ways to scam you out of money or commit credit card fraud. For example, hackers target businesses that regularly send funds via wire transfer. Once an email account is compromised, they can request their own unauthorized transfers from inside it. According to the FBI's Internet Crime Complaint Center (IC3), business email compromise (BEC) caused reported losses of $2.4 billion in 2021, up from $1.8 billion in 2020, and losses remained at a similar level in 2022.
The sooner you run an antivirus scan, the better. It's essential to ensure your system is clean before changing any of your other sensitive information; otherwise a keylogger simply captures the new password and the cycle restarts. If you cannot be sure the device is clean, change your passwords from a different device you trust (for example a phone that has not been used to open suspicious attachments) rather than from the suspect computer.
2. Change your passwords
Once your computer is free of malware, it's time to change your password. If you've lost access to your account, you may need to contact the email provider directly to prove who you are and ask for a password reset. Many providers now offer a dedicated account recovery page where you can answer security questions or confirm a recovery phone number to reclaim control of your email. Changing the password alone may not evict the attacker: while you are in the security settings, also sign out of all other sessions and devices, check that the recovery email address and phone number are still yours, and remove any forwarding addresses, inbox filters, app passwords or third-party app access you did not set up yourself. Attackers commonly add a forwarding rule so they keep receiving copies of your mail after you change the password.
Choose a new password that is unrelated to your old one and doesn't contain runs of repeated or sequential characters. Stay away from passwords with obvious ties to your name, birthday, pet's name or similar personal details. Hackers can easily find this information and often try it, together with common passwords and passwords leaked in earlier breaches, in their first guessing attempts against your account.
Your password should be unique to each account and long: at least 12 characters, ideally more. Length and uniqueness matter more than forcing in symbols, so a passphrase of several random words works well. If you need help creating new passwords or keeping track of them, use a password manager and generator to create and store them safely.
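As an added example (not part of the original article), the following Python script applies the checks described above to a candidate password and generates a random passphrase using the standard library's secrets module. The short word list is a constructed stand-in; in practice you would use a large list such as a diceware list. The sample personal details and the "existing passwords" list are constructed for illustration.

```python
import re
import secrets

# Constructed stand-in for a real diceware-style word list (assumption: a real
# list would have thousands of entries; this one only makes the example runnable).
WORDS = [
    "anchor", "bright", "canvas", "delta", "ember", "falcon", "garden", "harbor",
    "island", "jungle", "kettle", "lantern", "meadow", "nickel", "orchid", "pepper",
]

MIN_LENGTH = 12


def _has_sequence(s: str, length: int = 4) -> bool:
    """True if s contains an ascending or descending run such as '1234' or 'dcba'."""
    for i in range(len(s) - length + 1):
        chunk = s[i:i + length]
        diffs = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if diffs in ({1}, {-1}):
            return True
    return False


def password_issues(password: str, personal_details=(), existing_passwords=()) -> list:
    """Return a list of human-readable problems with a candidate password.

    personal_details: strings such as a name or birthday; any 4+ character token
    from them that appears in the password is flagged.
    existing_passwords: passwords already in use on other accounts (reuse check).
    """
    issues = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        issues.append(f"shorter than {MIN_LENGTH} characters")
    if re.search(r"(.)\1{2,}", password):
        issues.append("contains a run of three or more repeated characters")
    if _has_sequence(lowered):
        issues.append("contains a sequential run such as 1234 or abcd")
    for detail in personal_details:
        for token in re.findall(r"\w+", detail.lower()):
            if len(token) >= 4 and token in lowered:
                issues.append(f"contains personal detail {token!r}")
    if password in existing_passwords:
        issues.append("already used on another account")
    return issues


def generate_passphrase(n_words: int = 5, sep: str = "-") -> str:
    """Build a passphrase from cryptographically random word choices."""
    return sep.join(secrets.choice(WORDS) for _ in range(n_words))


if __name__ == "__main__":
    # Constructed example: a weak password built from the user's name and birth year.
    weak = "jane1990aaa"
    for issue in password_issues(weak, ["Jane Doe", "1990-05-14"], [weak]):
        print("problem:", issue)
    print("suggested passphrase:", generate_passphrase())
```

The reuse check is the important one in this context: after a compromise, the new password must not be one you use anywhere else, and a password manager makes that check automatic.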
3. Address other online services and account providers
Changing your passwords with other online accounts is critical as well: payment-based accounts, such as Amazon, Netflix, credit card companies and, even, the local library, need a reset.
Keeping your other accounts secure is important since secondary services are, ultimately, the much more valuable targets in these security breaches. For example, your bank account could easily be the next break-in if the scammer found the information needed to reset your password.
Be sure to use a unique password for every site: the risk of follow-up breaches increases if you use the same password for multiple sites. Be cautious with "sign in with" logins that use your email or social media account as the identity provider: if that provider account is compromised, every account federated to it is compromised too. Even varied passwords may not be enough if your mailbox contains emails that lead directly to linked online vendors, since the attacker can use your inbox to request password resets there.
4. Notify people you know
Keep in mind the need to protect your contact list as well. It’s a good idea to tell your friends, family and colleagues that you've been hacked.
During the period when attackers had control of your account, they could have sent dozens or even hundreds of malware-laden emails to everyone you know. This type of phishing attack, in turn, gives them access to a new set of potential victims.
You should notify your contact lists on other platforms as well: Email may be just one route the attackers take to bait your contacts after a hack. If hackers have breached your social media or messaging apps, fraudulent messages could be sent from each of these. Warning your contacts lets them take steps to ensure their own devices are clean and unaffected.
5. Change your security questions
While your password was the most likely attack route, it's also possible that hackers broke into your account after answering your security questions.
By using false answers to security questions, you can subvert a hacker's chances of breaking in again. Make sure they are memorable to you but not discoverable through your social media posts or other public info. According to Google research, many users choose the same answer to common security questions (nearly 20% of American users answered "pizza" to the question "What is your favorite food?").
Enabling multi-factor authentication protects both your logins and your password resets by requiring a second proof of identity beyond the password. Prefer an authenticator app or a hardware security key; codes sent by text message are better than nothing but can be intercepted through SIM swapping, and security questions on their own are not a second factor.
6. Report the email hacking
If you haven't already, contact your email provider and report the email hacking. This is important even if your hacked email didn't cause you to lose access. Reporting a hack helps providers track scam-based behavior. When you report a hack, you’re protecting yourself and others from future threats by helping the provider improve their security.
In addition, your email provider may be able to offer details about the origin or nature of the attack. You might find that the breach is larger and has affected other services as well.
7. Create a new email account
Sometimes, it's easier to start again. Take a moment to reflect: has this email been hacked before? Is your provider not taking steps to mitigate the amount of spam you receive? It may be time for a switch.
Look for a service that encrypts your emails by default. Encryption at rest helps your private emails stay concealed if the provider's servers are breached, and end-to-end encryption keeps the content hidden from the provider itself. Keep in mind that neither protects a mailbox whose password has been taken over, since the attacker then reads your mail exactly as you would.
Changing email addresses isn’t always straightforward. Most email services don't allow you to change your email address, which means you usually need to create a new account and then migrate your information over. You can make the process easier by setting up proper forwarding and informing people of the change. Some services allow you to migrate emails from your old account. After creating a new account, you may want to keep your old one active for a while. You can use it for some time to ensure that you don’t miss any important messages and don't get locked out of any of your online accounts moving forward.
8. Contact credit agencies
A hacker’s reach is often much more significant than a simple email hack indicates. It's a good idea to reach out and ask credit reporting agencies to monitor your accounts in the months after you've been hacked.
If you’ve been contacted or responded to any suspicious emails recently, take note of this as well. Fraudsters are much more likely to attempt to make personal contact and convince you to share personal details before they start defrauding your accounts and making purchases on your credit card. Scammers know that a personal touch often gets them through the first line of spam defense.
9. Consider your ID protection options
If you've been hacked, it is worth considering an ID protection service. These services typically offer real-time email and online retail account monitoring. In addition, they also usually offer credit score reporting and personal assistance in the event of identity theft.
Look for companies with a solid track record, since there's often a significant cost associated with this kind of protection. Make sure you use a legitimate service — not a hacker scam in disguise looking for your personal data.
Additionally, consider using cyber security software with account monitoring services. Expanded internet security suites tend to monitor your online accounts for data breaches. They will usually provide you with full support and guidance in case of a leak or hack.
10. Get totally secure
Run an antivirus scan on all connected devices, including your laptop, tablet, and smartphone. Take steps to secure the cloud, since it may also contain your personal data. Change your passwords, notify your providers, and consider cleaning your cloud data and backups with an antivirus scan. These measures can give you further peace of mind.
Upgrade your basic antivirus protection to full-time internet security protection if you haven't already. Look for a service that proactively blocks new, unknown threats and safeguards your actions online.
Once you know how to fix your hacked email, defending yourself gets a lot easier. If you ever discover that your email has been hacked, follow the above steps to take back control and prevent future problems.
How does an email account get hacked?
The main reasons why someone may fall victim to email hacking include:
Phishing scams: This might involve an email that appears to be from a genuine brand, asking you to confirm your password, account details, contact or other information. Criminals use phishing scams and social engineering techniques to trick victims into handing over their email passwords. Often, they can be very convincing.
Data breaches: Hackers may have obtained your email credentials through a data breach. If you use the same password for multiple accounts, one compromised account means a hacker can access all of them. Sometimes, hackers buy passwords from the dark web, where cybercriminals sell them after successful data breaches.
Not logging out after using a public PC or device: If you use a public PC to check your email but don't log out afterward, the next user inherits your still-open session and can read your mail, change your password and lock you out. Always log out properly after using a public PC or device. In addition, be mindful that public PCs may already be infected with malware or spyware that records what you type, so tread carefully.
Using a public Wi-Fi network that is not secured: Free public Wi-Fi connections, like the ones in coffee shops or airports, often have little or no security. Anyone on the same network, or running a rogue access point with the same name, can observe your traffic. Modern webmail and mail apps encrypt the connection with TLS, so the realistic risks are captive-portal phishing pages and apps that still send credentials unencrypted. Stick to networks you trust or that are password-protected, watch for certificate warnings, and consider a virtual private network (VPN), which encrypts your traffic between your device and the VPN server.
Weak or easy-to-guess passwords: As we've mentioned, if you use a weak or obvious password, hackers can guess it quickly. A strong password is at least 12 characters, ideally longer, and is not reused anywhere else; a passphrase of several random words is easier to remember than a jumble of symbols. Using a password vault/manager can help you create and keep track of multiple passwords.
Not using up-to-date antivirus software: Good quality antivirus software, kept updated, is an important layer of protection against malware designed to steal your passwords. Remember that malware often reaches your machine through compromised attachments or downloads, usually delivered in suspicious emails, so keep your operating system and browser patched as well.
How can I tell if someone has hacked into my email account?
If you’re wondering whether your email has been hacked, warning signs include:
Your password no longer works: One of the clearest indications of being hacked is that you can no longer sign into your email account. If you type in your usual email password and it doesn’t work, then it’s likely that someone else has changed it. Once hackers have gained access to your email, they often immediately change the password to prevent you from logging in again.
There are emails in your account that you don't recognize: Hackers don't always change your password. You may only notice messages in your sent folder that you didn't send, or password reset emails in your inbox from websites where you never requested a reset, because hackers use access to your email to take over your accounts on other sites. Messages you don't recognize are a sign that a hacker could have access to your account.
Friends say they have received odd or spam messages from you: If your contacts report receiving spam from your email address, it's a red flag that your email has potentially been hacked and that your data is at risk.
Unfamiliar IP addresses, locations or devices in your sign-in activity: Most email providers keep a "recent activity" or "security" log that records the IP address, approximate location and device or browser used for each login. If someone else has been accessing your email account, sign-ins from networks, countries or devices you don't recognize will show up there, often clustered at odd hours or preceded by a string of failed attempts.
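As an added example (not part of the original article), the Python script below applies the warning sign above to a small, constructed export of a sign-in activity log. It flags successful logins from networks you don't normally use, from a browser or device never seen on your usual networks, or immediately after a burst of failed attempts, the pattern password guessing leaves behind. The log format, the sample addresses (documentation ranges) and the "usual networks" list are all assumptions made for the example; real providers present this data in their own layout.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample of a "recent activity" export:
# timestamp, source IP, browser/platform, outcome.
SAMPLE_LOG = """\
2024-03-01T08:02:11Z 203.0.113.7 Chrome/Windows success
2024-03-01T19:45:03Z 203.0.113.7 Chrome/Windows success
2024-03-02T03:12:44Z 198.51.100.23 Firefox/Linux failure
2024-03-02T03:13:01Z 198.51.100.23 Firefox/Linux failure
2024-03-02T03:13:20Z 198.51.100.23 Firefox/Linux success
2024-03-02T09:30:00Z 203.0.113.7 Chrome/Windows success
"""


@dataclass
class SignIn:
    timestamp: str
    ip: str
    agent: str
    outcome: str


def parse_log(text: str) -> list:
    """Parse whitespace-separated log lines into SignIn records."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        timestamp, ip, agent, outcome = line.split()
        events.append(SignIn(timestamp, ip, agent, outcome))
    return events


def suspicious_logins(events: list, usual_networks: list, max_failures: int = 2) -> list:
    """Return (event, reasons) pairs for successful sign-ins that look wrong.

    usual_networks: CIDR strings for home/office networks (assumption: you know these).
    max_failures: consecutive failures from one IP that make a following success suspect.
    """
    nets = [ipaddress.ip_network(n) for n in usual_networks]

    def on_usual_network(ip: str) -> bool:
        addr = ipaddress.ip_address(ip)
        return any(addr in n for n in nets)

    # Browsers/devices that have logged in successfully from a usual network are trusted.
    known_agents = {e.agent for e in events
                    if e.outcome == "success" and on_usual_network(e.ip)}

    flagged = []
    consecutive_failures = {}  # ip -> failures since its last success
    for e in events:
        if e.outcome == "failure":
            consecutive_failures[e.ip] = consecutive_failures.get(e.ip, 0) + 1
            continue
        reasons = []
        if not on_usual_network(e.ip):
            reasons.append("sign-in from an address outside your usual networks")
        if e.agent not in known_agents:
            reasons.append("browser/device never seen from your usual networks")
        failures = consecutive_failures.pop(e.ip, 0)
        if failures >= max_failures:
            reasons.append(f"success after {failures} consecutive failures (guessing pattern)")
        if reasons:
            flagged.append((e, reasons))
    return flagged


if __name__ == "__main__":
    for event, reasons in suspicious_logins(parse_log(SAMPLE_LOG), ["203.0.113.0/24"]):
        print(event.timestamp, event.ip, event.agent)
        for r in reasons:
            print("  -", r)
```

A single unfamiliar IP is not proof of compromise (mobile networks and VPNs move around), which is why the script reports the reasons together rather than a verdict; two or three of them on the same entry are a strong signal to start the recovery steps above.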
What can hackers do with your email address?
If you think your email has been hacked, it’s natural to assume the worst, such as “can someone hack my bank account now with my email address?”
Your email account is a treasure trove of valuable information, which is why hackers want to get hold of it. Anyone who hacks your email gains access to your contact list, which they can use for phishing attempts to carry out further fraud. In addition, from the content of your emails, they will have a good idea of which websites you have accounts with, including financial and banking sites. They can use your email to reset other account passwords, gain access to credit information or, even, delete accounts. They can use the information they uncover to steal money or obtain personal data, which they can sell on the dark web.
Ultimately, our email addresses are often the primary identifier in many login processes. If a hacker wants to gain entry to your online accounts, then knowing your email address is an excellent first step.
How to stop email hacking?
There are a number of ways that email hacking can be stopped and prevented:
Strong passwords: As mentioned previously, we recommend a strong, unique password (at least 12 characters, ideally longer; a passphrase of several random words is a good choice) because it is one of the best ways to keep your email account safe from hackers.
Keep your email address book updated: We recommend always asking your colleagues and clients to notify you if they change their email addresses. It is also wise to periodically ask contacts if they have had any personal data breaches or have been hacked recently.
Activate spam filters and blocking: Make sure that your email provider’s spam filter is always active, so that there is less chance of you clicking on a nefarious email or link.
Use two-factor authentication (when possible): When using any app or email service, turn on two-factor authentication (2FA, also called two-step verification) whenever you're given the option. Most trusted email providers offer it as standard. After the password, it requires a second proof that is separate from what you know: a one-time code from an authenticator app, a tap on a hardware security key, or, as a weaker fallback, a code sent to your phone. A "secret answer" to a question is just another thing you know, so it does not count as a second factor.
Using “Burner” email accounts: When you’re deciding whether to use your email address with websites that aren’t highly verified, you should use a burner email account instead. A burner account is an email address/account with false or very little identifying information. Modern email accounts are simple to close, which means you can keep the burner one active on a long- or short-term basis. However, when you’re accessing your burner account, be very careful when clicking external links or downloading attachments.
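To show what is behind the "authentication code" mentioned in the two-factor authentication item, here is an added example (not from the original article) that implements time-based one-time passwords (TOTP, RFC 6238) in Python using only the standard library. The shared secret is the one from the RFC's own test vectors so the output can be checked; the time values are constructed for the example. Real services hand you the secret as a base32 string inside a QR code, which is why a base32 decoder is included.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30  # the time window each code is valid for (RFC 6238 default)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) for a given counter value."""
    msg = struct.pack(">Q", counter)                       # 8-byte big-endian counter
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """Time-based one-time password: HOTP with the counter = time window number."""
    return hotp(secret, unix_time // STEP_SECONDS, digits)


def verify_totp(secret: bytes, code: str, unix_time: int, window: int = 1) -> bool:
    """Check a submitted code, allowing `window` steps of clock drift either side.

    Uses a constant-time comparison so timing does not leak how many digits matched.
    """
    counter = unix_time // STEP_SECONDS
    return any(hmac.compare_digest(hotp(secret, counter + drift), code)
               for drift in range(-window, window + 1))


def secret_from_base32(encoded: str) -> bytes:
    """Decode the base32 secret shown in an enrollment QR code (padding is optional)."""
    cleaned = encoded.replace(" ", "").upper()
    return base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))


if __name__ == "__main__":
    # Secret from the RFC 6238 test vectors (ASCII "12345678901234567890").
    secret = secret_from_base32("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
    print("code for t=59:", totp(secret, 59))          # RFC vector: 287082
    print("code right now:", totp(secret, int(time.time())))
```

The important property for the advice above is visible in the code: a phished code is worthless a minute later, because it is bound to a 30-second window of the clock, and an attacker who only has your password cannot compute one without the secret stored on your phone.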
Don't leave yourself vulnerable to hackers, email hijacking and loss of data. Protect yourself today with Kaspersky Premium Protection, available for both Windows PC and macOS.