Your Email Has been Hacked! Now What?


Hacking emails is a favorite pastime for most cybercriminals and it could happen to you as well.

Therefore, in this article, we’ll talk about how this happens, how to recognize if your email has been hacked and what to do when this happens.

How are Emails Hacked?#

There are three main ways in which your email can be hacked:

  1. Phishing

Phishing is a technique in which the attacker sends a seemingly legitimate message to the email user and tricks the user into visiting a fake website where the user can unknowingly “verify” their information and thus give the hacker their login credentials.

The attacker, which usually pretends to be a legitimate business, like a bank that the user might be a client of, for instance, will often either create a fake (phishing) website that looks almost identical to the real one, or they will send malicious software via an infected URL link.

  1. Man in the Middle Attack (MitM)

A Man in the Middle Attack (MitM) happens when a hacker secretly infiltrates a direct communication between two email users without them knowing.

Since the users are unaware that there is a third person listening in on their communication, the hacker can this way get to a lot of sensitive information before they are found out.

If you want to know how your email messages travel the Internet (how email works), check out this article about it.

  1. Password Guessing

Password guessing is a very simple, yet often effective technique by which a hacker can get your email password.

There are two types of password-guessing attacks:

  1. Dictionary Attack: In which the attacker uses a dictionary of common words to identify the password.
  2. Brute Force Attack: Where the attacker tries every possible combination or password until they find the right one.

How to Tell if Your Email is Hacked?#


You may not even know that your email has been hacked. Luckily, there are 4 tell-tale signs that something is wrong with your email account:

  1. A Friend, Family Member, or Colleague is Asking You Why You’re Sending Them Spam

Nobody likes spam messages and that’s certainly no way to make friends. So you can understand the confusion from your friends, family members, or colleagues when they receive spam from you.

This is a sure sign that your account has been compromised and the hacker is using it to send messages in your name.

  1. There’s Something Strange About Your Outbox

Hopefully, you are keeping your sent messages folder neat. However, you may see some strange and even spam messages in there that you definitely didn’t write.

Well, someone else did and that someone has managed to hack your email account.

  1. Your IP Address is All Over the Place

An IP (Internet Protocol) address is a digital address of your device on the Internet and it’s always the same. However, if you see a different IP address in the IP log that is a sign that someone has been logging in to your account from another location.

Of course, if you’ve been using a VPN (Virtual Private Network), your IP will be routed to a different server and will be different because of it.

  1. You are Unable to Log in to Your Email Account

Finally, the biggest “your email account has been hacked” sign is if you get a “username or password incorrect” message.

What this means is that a hacker has taken control of your account and has changed the password.

What to Do if Your Email Gets Hacked?#


So what should you do if your email gets hacked?

First, do not panic, for sure.

Here are a few things that you should do instead:

  1. Immediately Change Your Password

One of the first things that the hacker will do if they get control of your email account is to change your regular password so they can lock you out of your own account.

Because of this, time is of the essence here so you need to act quickly to any sign of a potentially compromised account by changing your password immediately.

When choosing passwords, always keep these rules in mind:

  • Use a different password for each account (email, social media, etc.)
  • Use a strong password (at least 12 characters long, including lower and uppercase letters, numbers and special symbols)
  • Don’t tell anyone your password (this goes double for your email password)
  1. If You Can’t Change the Password, Use the Email Recovery Service

Okay, but what if the hacker was faster than you and has managed to change your email password before you had the chance to act?

Well, this is where those security questions that your email provider had you fill out when you first opened the account will come in handy.

What you can do if you’ve been locked out of your email account is to use the email provider’s “forgotten password” option. This will take you to a dedicated webpage where you recover your account.

Speaking of email providers, here are the 9 most secure server-based email services and why it’s better to use a decentralized one like Telios.

  1. Check Your Computer for Viruses and Malware

A hacker will often use some kind of malicious software or virus to take control of your email account.

Usually, they will deliver these through an infected link sent to you in a phishing email.

If you notice your device working sluggishly or otherwise acting strangely, this could be a sign that it has been infected. Be sure to set up an automated scan to find and root out any malware and viruses from your device.

  1. Check Your Other Accounts

Since your email is connected to your other accounts, like social media, they could be compromised as well.

Are you seeing any strange posts that you know you’ve never sent, like perhaps posts about some scammy product or service that you never used on your social media? That could mean that your social media account has been compromised too.

  1. Warn Your Contacts

Finally, you should warn your contacts that your email has been hacked and that they shouldn’t trust any messages that come from it.

Often, fraudsters will use a hacked email account to send messages to its contact asking them for money and scamming people in your name.


Account Takeover (ATO) increased by more than 300% between 2019 and 2021 according to the Q3 2021 Digital Trust & Safety Index report by Sift. A large part of this is, of course, email ATO.

If this happens to you you might be a victim of identity theft or other fraud which could cost you hundreds or thousands of dollars for individuals or millions for businesses.

Obviously, this is something that you want to avoid and hopefully this article will help you identify the red flags that your email has been hacked and what actions to take if this happens to you.

Also, make sure to check out our 20 email security best practices to know how to protect your email privacy and security.