Email Account Hacked? Do These 8 Steps Right Now
If your email account has been hacked, every minute counts. This guide tells you exactly what to do — from regaining access and changing your password to securing your other accounts and alerting your contacts.
- How Do You Know Your Account Is Hacked?
- Step 1: Regain Access to Your Account
- Step 2: Change Your Password Immediately
- Step 3: Enable Two-Factor Authentication (2FA) Immediately
- Step 4: Check and Remove Unauthorized Changes
- Step 5: Secure Your Other Accounts
- Step 6: Warn Your Contacts
- Step 7: Check Your Sent and Deleted Folders
- Step 8: Report the Hack
- How to Prevent It Happening Again
A hacked email account is one of the most serious security incidents you can face. Your email is the master key to your digital life — password resets for banking, shopping, and social accounts all go through it. Act fast and follow these steps in order.
How Do You Know Your Account Is Hacked?
Common signs include:
- You can't log in — your password has been changed by the attacker
- Friends or colleagues report receiving spam or strange emails from your address
- You see emails in your Sent folder that you didn't send
- You get security alerts from Google, Microsoft, or other services about sign-ins from unknown locations
- Your email account has an unfamiliar forwarding address set up
- Emails you're expecting never arrive (the attacker may be deleting them, or a hidden filter or forwarding rule is diverting them before you see them)
Step 1: Regain Access to Your Account
If you can still log in, jump to Step 2. If the attacker changed your password:
Gmail
- Go to accounts.google.com/signin/recovery
- Enter your email address and click "Forgot password"
- Follow the on-screen steps. Google may use a recovery phone number, recovery email, or ask you to verify a previous password; recovering from a device, browser and network you have used with the account before improves your chances, because Google weighs that familiarity when deciding whether to trust the request
- Once in, immediately change your password before doing anything else
Outlook / Hotmail / Microsoft
- Go to account.live.com/password/reset
- Choose your verification method (email, phone, or security questions)
- Follow the prompts to reset your password
If Recovery Fails
If the attacker also changed your recovery email and phone number, you'll need to go through the provider's account recovery form, which may ask for identity verification. Expect this to take several days rather than minutes, and submit the form from a device and location you have signed in from before:
- Google: accounts.google.com/signin/recovery → "Try another way"
- Microsoft: support.microsoft.com → "Get help signing in"
Step 2: Change Your Password Immediately
Once you're back in, change your password right away before the attacker notices and locks you out again.
- Use a strong, unique password of at least 16 characters. Let your password manager generate it randomly; length matters more than forcing a mix of symbols, and a long passphrase of unrelated words is fine
- Never reuse a password from another site
- Use a password manager (Bitwarden, 1Password, Google Password Manager) to generate and store it
Step 3: Enable Two-Factor Authentication (2FA) Immediately
2FA means that even if someone has your password, they can't log in without also presenting a second factor: a code from your authenticator app, a hardware security key, or a passkey. This is the single most effective protection against account takeover. If 2FA was already enabled when you were hacked, assume the attacker has tampered with it: remove any phone numbers or authenticator devices you don't recognise and generate a fresh set of backup codes, because the old ones may have been copied.
- Gmail: myaccount.google.com → Security → 2-Step Verification → Turn On
- Outlook: account.microsoft.com → Security → Advanced security options → Two-step verification
- Use an authenticator app (Google Authenticator, Microsoft Authenticator, Authy) rather than SMS. SMS codes can be stolen by SIM-swapping your phone number. A hardware security key or passkey is stronger still, because unlike an app code it cannot be phished by a fake login page
Step 4: Check and Remove Unauthorized Changes
Attackers often leave backdoors so they can keep reading your mail or get back in after you change the password: forwarding rules, filters that hide specific messages, their own recovery contacts, app passwords, and access grants to third-party apps. A password change alone does not remove any of these. Check all of the following:
Gmail
- Forwarding: Settings → See all settings → Forwarding and POP/IMAP. Remove any unfamiliar forwarding address, and disable POP/IMAP access if you don't use a separate mail client
- Filters: Settings → See all settings → Filters and Blocked Addresses. Delete filters that delete, archive, mark as read, or forward mail, especially ones whose criteria mention words like "password", "security" or "verification"
- Delegation: Settings → See all settings → Accounts and Import → "Grant access to your account". Remove anyone you did not add yourself
- Recovery info: myaccount.google.com → Security. Verify your recovery email and phone are yours
- Signed-in devices: myaccount.google.com → Security → Your devices. Sign out of all unfamiliar devices
- App access: myaccount.google.com → Security → Third-party apps & services. Revoke any apps you don't recognise
- App passwords: myaccount.google.com/apppasswords. Delete any you didn't create; each one is a standalone password that bypasses 2FA
Outlook / Microsoft
- Forwarding: Settings → View all Outlook settings → Mail → Forwarding. Disable any forwarding you didn't set up
- Inbox rules: Settings → Mail → Rules. Remove any rules that move, delete or forward mail
- Sign-in and recovery: account.microsoft.com → Security → "Manage how I sign in". Remove email aliases, phone numbers and authenticator apps you don't recognise
- Recent activity: account.microsoft.com → Security → Review recent activity. Sign out of unfamiliar sessions, and sign out of all sessions if the page offers it
- App access: in your Microsoft account's privacy settings, review the apps and services that can access your data and remove any you don't recognise
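Filters and forwarding are the persistence mechanisms people most often miss when they do this by hand, so here is an added example (written for this article; not the page's or Google's code) that audits the two Gmail API responses that expose them: `users.settings.filters.list` and `users.settings.getAutoForwarding`. The JSON below is constructed sample data in the shape of those responses, with hypothetical filter IDs and addresses; to audit a real account, paste in the real output of those calls (for example from the Gmail API Explorer) in its place. The keyword list and severity rules are this example's own heuristics, not anything Google publishes.

```python
import json
import re

# Constructed sample responses (hypothetical data, not from a real account) in the shape
# returned by the Gmail API calls users.settings.filters.list and
# users.settings.getAutoForwarding. Replace with real output to audit an account.
SAMPLE_FILTERS_JSON = """
{
  "filter": [
    {"id": "f-newsletter",
     "criteria": {"from": "news@example.com"},
     "action": {"removeLabelIds": ["INBOX"], "addLabelIds": ["Label_3"]}},
    {"id": "f-hide-alerts",
     "criteria": {"query": "password OR verification OR security"},
     "action": {"addLabelIds": ["TRASH"], "removeLabelIds": ["INBOX", "UNREAD"]}},
    {"id": "f-exfil",
     "criteria": {"to": "me@example.com"},
     "action": {"forward": "collector@attacker.example"}}
  ]
}
"""
SAMPLE_AUTOFORWARD_JSON = (
    '{"enabled": true, "emailAddress": "collector@attacker.example", "disposition": "trash"}'
)

# Words that appear in the mail an attacker wants you not to see: password resets,
# sign-in alerts, verification codes, and money-related messages used for invoice fraud.
SENSITIVE = re.compile(
    r"password|passcode|verif|security|sign[- ]?in|login|2-step|code|invoice|bank|wire",
    re.I,
)
HIDING_LABELS = {"TRASH", "SPAM"}          # labels whose addition makes mail disappear
VISIBILITY_LABELS = {"INBOX", "UNREAD"}    # labels whose removal archives or marks as read


def audit_filters(filters_json, allowed_forwards=()):
    """Return a finding per suspicious filter: forwarding, trashing/spamming, or hiding mail.
    Hiding is 'low' on its own (people archive newsletters) but 'high' when the criteria
    target security-related mail."""
    allowed = {a.lower() for a in allowed_forwards}
    findings = []
    for flt in json.loads(filters_json).get("filter", []):
        criteria = flt.get("criteria", {})
        action = flt.get("action", {})
        criteria_text = " ".join(str(v) for v in criteria.values())
        sensitive = bool(SENSITIVE.search(criteria_text))
        reasons, severity = [], "low"

        forward = action.get("forward")
        if forward and forward.lower() not in allowed:
            reasons.append(f"forwards matching mail to {forward}")
            severity = "high"

        hidden = set(action.get("addLabelIds", [])) & HIDING_LABELS
        if hidden:
            reasons.append("sends matching mail to " + "/".join(sorted(hidden)))
            severity = "high"

        suppressed = set(action.get("removeLabelIds", [])) & VISIBILITY_LABELS
        if suppressed:
            reasons.append("skips inbox or marks read (removes " + ", ".join(sorted(suppressed)) + ")")
            if sensitive:
                severity = "high"

        if reasons and sensitive:
            reasons.append(f"criteria match security-related mail: {criteria_text!r}")
        if reasons:
            findings.append({"id": flt.get("id"), "severity": severity, "reasons": reasons})
    return findings


def audit_autoforward(autoforward_json, allowed_forwards=()):
    """Account-wide forwarding is always high severity unless the address is one you expect."""
    data = json.loads(autoforward_json)
    if not data.get("enabled"):
        return None
    addr = data.get("emailAddress", "")
    if addr.lower() in {a.lower() for a in allowed_forwards}:
        return None
    return {"severity": "high",
            "reasons": [f"all mail auto-forwarded to {addr} (original: {data.get('disposition')})"]}


if __name__ == "__main__":
    for finding in audit_filters(SAMPLE_FILTERS_JSON):
        print(finding["severity"].upper(), finding["id"], "|", "; ".join(finding["reasons"]))
    auto = audit_autoforward(SAMPLE_AUTOFORWARD_JSON)
    if auto:
        print("HIGH auto-forwarding |", auto["reasons"][0])
```

On the sample data the newsletter filter is reported as low (it only archives), while the filter that trashes password and security mail and the one that forwards everything to an outside address are both high. The same three checks (forward, trash/spam, hide) are what to apply when you read Outlook inbox rules by hand.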
Step 5: Secure Your Other Accounts
Your email is likely linked to dozens of other accounts. Any service that allows "reset password via email" is now potentially compromised.
- Change your passwords for banking and financial accounts first. These are the highest priority, along with any account that can itself be used to reset others
- Change passwords for shopping sites (Amazon, PayPal, etc.)
- Change passwords for social media accounts
- Check all linked accounts for suspicious activity, changed recovery details, and active sessions you don't recognise. Password-reset emails in your inbox or Trash tell you which accounts the attacker went after first
Step 6: Warn Your Contacts
The attacker may have sent phishing emails or scam messages to everyone in your contact list. Send a brief message to your contacts (from a different email address if possible) warning them:
"My email account was recently hacked. If you received any unusual messages from my address asking for money, login details, or to click a link, please ignore and delete them."
Step 7: Check Your Sent and Deleted Folders
Review what the attacker sent from your account. Look in Sent for emails you didn't write. Also check Deleted Items / Trash, Spam and (in Gmail) All Mail: attackers routinely delete or archive the security alerts and password-reset emails their own activity triggers, so those folders show you which of your other accounts they touched.
Step 8: Report the Hack
- Report the incident to your email provider through its account-compromise help pages
- If the attacker used your account for financial fraud, report it to your bank and to your country's cybercrime authority (for example the FBI's IC3 in the US or Action Fraud in the UK)
- If work email was involved, notify your IT/security team immediately
How to Prevent It Happening Again
- ✅ Use a unique, strong password for every account
- ✅ Enable 2FA on your email and all important accounts
- ✅ Use a password manager — never reuse passwords
- ✅ Never click links in unexpected emails asking you to log in
- ✅ Subscribe to breach notifications at haveibeenpwned.com so you are told when your address appears in a data breach, and change the affected site's password when it does
- ✅ Keep your recovery phone number and backup email up to date