Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
Lifestyle
Max Freeman-Mills

What to do if your emails have been hacked

Support truly
independent journalism

Our mission is to deliver unbiased, fact-based reporting that holds power to account and exposes the truth.

Whether $5 or $50, every contribution counts.

Support us to deliver journalism without an agenda.

Louise Thomas

Louise Thomas

Editor

Having your email hacked is a modern nightmare.

While we all have countless accounts with different stores and services, there’s a good chance that they’re all routed through one main email address that we use across everything.

If you discover, one way or another, that your email account is compromised, it might be tempting to just curl up in a ball and give up on your online existence, but there are steps you can still take to put things right. Here are a few helpful pointers for where to start…

Change your password immediately

It’s one thing if you’re locked out of your account, but if you can still log in, there’s one massive step you should take as soon as possible: changing your password.

If you can get this achieved without any issues, there’s a good chance that it’ll expell whoever has hacked your emails and reinstate your inbox as your own private domain, just as it should be. The key here is to use a completely new password – don’t reuse one from another site, or make one that’s only a few characters away from the previous version.

(Alamy/PA)
(Alamy/PA)

If you have reason to believe that someone actually got access to your emails, we’d also recommend going through your other main accounts on things like social media or online banking and changing their passwords, too – you’re unlikely to regret being careful on this one.

Try to recover your account

If you’re not able to get access to your emails, presumably because a hacker has changed the password before you managed to do so, all the big providers have account recovery procedures that can help you get your account back.

These aren’t guaranteed to work, but they’ll ask you security questions and start investigating the sequence of events, to potentially return your account to you. Google’s version of this can be accessed from this help page, but you should be able to find the equivalent for whatever email provider you use online.

Run an antivirus check

It’s hard to know exactly how you’ve been hacked – unless you realise that you replied to a phishing scam or something of the sort. However, once you’ve initiated either of our first two points of advice, running an antivirus scan on your computer is a great idea.

Regardless of what software you choose to use, this should hopefully tell you whether your hardware is compromised. After all, if there’s a keylogger on your laptop – a type of malware that tracks your keystrokes – then changing your password will be a little bit less useful. Cleaning things out is a great way to move on with some peace of mind.

(Alamy/PA)
(Alamy/PA)

Let your contacts know

It might be a bit embarrassing, but it’s all too common for people to try to move on without telling people about their email woes, and accidentally cause others to fall into traps, too. If your email has been compromised for any length of time, it’s worth telling people you know to ignore any suspicious or unwarranted emails they might have received from the account recently.

This could well stop someone from clicking on a link or message that could otherwise entrap them, and is pretty much the right thing to do.

Update your security information and use two-factor authentication

This final step is based on the assumption that you’ve been able to get your email account back – although it equally applies if you’re forced to start a new one. Most email account providers have multiple layers of security that you can activate, and everyone should really use them all.

This means two-factor authentication that runs login attempts through your mobile number or a secure authenticator app, but also backup codes and security questions, as old-school as they might seem. Keeping these up to date as you change numbers or move addresses in the real world is key – even if that just means reminding yourself of the answers.

Having them at the front of your mind will make everything easier if you ever need to recover your account again, and lessen the chances of it being compromised in the first place, too.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.