Skip to Main Content

Has your email account been hacked? Here’s what to do! 

If you think that your email has been compromised, you’ve come to the right place. We’ve packed this guide with helpful information, including how to tell if your email account really has been compromised, and how to take back control. Above all, let’s explore how to help prevent your email from being hacked in the first place! Did you know that there’s an online privacy and protection solution from Avira that ticks the boxes of a resilient cybersecurity strategy (and it’s free!)?  


How email accounts are hacked 

Hackers have been busy. 2023 started with reports of over 200 million email addresses allegedly stolen from social media users and leaked on underground hacker forums—and this is far from an isolated incident. Your confidential details, including email address and passwords, are hot property and cybercriminals are becoming increasingly creative at getting their hands on them. (If you’re in the mood for some sobering statistics, see the Independent’s Live Company Data Breaches and Stats for 2023). Let’s start at the very beginning: How your email account may have been compromised in the first place. If there was a guidebook called “How to Hack Emails”, it would have four main sections. Hackers tend to favor four devious methods, so the chances are high that you fell victim to one of these.  

The most common way that emails are stolen is through phishing attempts. This technique is popular because it’s affordable, requires relatively simple skills (although many hackers could do with a grammar lesson), and takes advantage of the weakest link in any online defense system: you, the user (sorry). During a phishing attack, an “imposter” email is sent that looks like it comes from a legitimate source, such as Amazon or PayPal. Clicking on any links in the email could result in malware being downloaded onto your machine. You could also be redirected to a fake website where you’re prompted to enter your login details. These will quickly be hoovered up by a malicious third party, possibly granting them access to your email or other online accounts. Be vigilant and train your eyes to spot a scam fast! If an email is unsolicited, requests personal information (usually urgently), and contains suspicious links or attachments, don’t respond. Also look out for spelling and grammar mistakes and hover over the sender’s email to reveal their true IP address. Plus, if it sounds too good to be true, it usually is. Chances are that you haven’t suddenly won an iPad or a Caribbean cruise, and a foreign prince doesn’t want to give you his fortune. For more tips on how to recognize     phishing attempts, see this fun blog post from Avira: Phishing attacks: Steps to stay safe.  

Didn’t read the above and clicked on a link or opened an infected attachment? Or is your machine running outdated software in urgent need of security patches? There are so many ways that malware can infest your device. Malicious software can include spyware and keyloggers that record your keystrokes to “remember” your usernames and passwords. The hacker can then use these credentials to gain access to your email, social media, and other online accounts. 

Another method of choice for hackers is the creepily named Man-in-the-Middle Attack (MitM). Here attackers intercept communications between two unsuspecting parties, allowing them to steal login credentials and other personal information. They either passively listen in or terminate the connection and replace it with a new connection of their own. This digital form of spying is one of the oldest forms of cyberattacks and utilizes a broad range of techniques. (If you’re in the mood for technical details, read on, or head straight to the next paragraph: In SSL stripping for example, attackers establish an HTTPS connection between themselves and the server. They then use an unsecured HTTP connection with their victim, so that information is sent in plain text without encryption. Evil Twin attacks mirror legitimate Wi-Fi access points but are controlled by hackers, who can then monitor or collect information the user sends). For the insatiably curious, here is an insightful blog on Man-in-the-Middle attacks and how to help prevent them 

Good old guesswork is also a popular hacking tool, although patience and persistence are required. During brute-force attacks hackers use trial and error to try and crack your password by inserting endless random characters, symbols, and numbers. Did you know that you can help the cyber bad guys when you share personal details, such as your date of birth and pet’s name on social media? If one of your passwords is Fluffy1993, please change it at once. Hackers know that we often use these details to create memorable passwords and answers to security questions. Once they have access to your personal information, they can tailor their guesses with likely passwords. This is called credential stuffing. Don’t make a hacker’s life easier! Toughen up your defenses with strong passwords consisting of upper- and lowercase letters, numbers, and special characters. So, unless your unlucky pet’s name is BcX$%128HvaQ*, avoid personal references. And never share passwords—even strong ones—across multiple accounts. Remember: Recycling is great for plastics but terrible for passwords. The free Avira Password Manager helps generate strong, unique passwords and helps store them securely. It can be set to automatically log you in to your online accounts, helping thwart keylogging software.  


Sadly, even if your online security etiquette is impeccable, how strong is the security of the companies holding your information? Your password could be stolen as part of a security breach. Vast databases of emails and passwords are offered for sale on the dark web every year. Do you remember the infamous Collections #2–5 databases? In 2019, researchers from Germany’s Hasso Plattner Institute discovered a collection of nearly 2.2 billion stolen credentials!  Consider subscribing to Avira Password Manager Pro. It offers the same performance as its free cousin but sends notifications if your email/password has been leaked after a data breach so you can change your login details fast.  

Has your email account been hacked? How to tell  

So, do you suspect that someone really has gained access to your email account? You’ll have had better days. Before you panic, let’s see if your suspicions are well-founded. Peruse this handy list of the possible signs and symptoms that your email has been hacked:    

  • You can no longer log in to your email account. You try to log in as always, only to find that your username and password no longer work. A third party may have cracked or got hold of your login credentials and then changed the email password to lock you out. The cheek. If you receive password reset emails, it’s a clear sign that something is up. Don’t ignore them.  
  • Your mailbox was accessed from another device or location. Sometimes, hackers won’t alert you to the fact that they’ve accessed your account by changing the password. They sneakily monitor your emails, hoping you won’t notice that they were there. Look out for notifications from your email provider that your email was accessed from a different, unknown device. Your email provider also keeps access logs, which you may be able to find in your mailbox. (For Outlook 365, see the Security & Compliance Center). Also consider contacting your email provider to ask them which IP addresses have recently accessed your mailbox.    
  • A contact asks: “Did you really send this?”. Hackers often use stolen email accounts to blast spam, phishing emails, or malware to everyone in your address book. These rather suspicious emails usually won’t look or sound like they came from you—unless you really have suddenly started a wholesale pharmaceutical business from your garage, for example. Hopefully your contacts will have read the above paragraph on how to recognize online scams and won’t click on infected links or open dodgy attachments.  
  • Unknown emails appear in your sent folder. Was it you during the office Christmas party? No? If you’re absolutely sure that you didn’t send an email that’s sitting suspiciously in your sent folder, it may be a sign that someone else acted on your behalf.  
  • Your device is slower and less stable. Malware can be greedy with resources, causing your machine to perform more slowly, to run hotter than usual, or to suddenly turn itself off. Generally, if your machine is suddenly no longer itself, ask why. If it’s infected with malware, certain types are designed to steal confidential information, or grant a hacker access to your entire device.  

Oh no, your email has been hacked: Act fast! 

It’s essential to act quickly if you want to minimize the potential damage. We recommend taking all or most of the steps below.  

Start with your password. It’s a first line of defense. If you still have access to your email account, change your password immediately. Once you reset the password (using a strong, unique and new password!), anybody using your mailbox will be logged out. Also enable two-factor authentication if it’s available as this will make it much less likely that this hacker or others in the future will find their way back in. You can now breathe a small sigh of relief that you may have solved the problem. Some providers, like Gmail, let you set up a backup recovery email address and phone number which can help you recover access to your email account.  

Get in touch with your email provider. If you can’t change the password for some reason, such as being denied access to your email account, contact your email provider to disable the mailbox temporarily or to grant you access again. Then you can hurriedly follow the steps above to regain control. Also check your mailbox settings. Has email forwarding been added without your knowledge or consent? Has another user appeared?  

Restore a backup. If any emails have been deleted or your mailbox has otherwise been tampered with, it may be easier to start afresh with a backup you can trust. Some web hosting providers keep a backup of website files and emails. If you use Outlook, here are instructions from the Microsoft Support Center on how to back up your emails 

Inform your contacts. Don’t try and keep it a secret. The hacker is the criminal—not you! Whether they’re friends, colleagues, partners, or customers, come clean. Let them know as soon as possible that your email has been hacked and that any emails they receive will come from a third party. Advise them to be vigilant and not to respond to emails from you, especially any inviting them to share their login credentials or win a Caribbean cruise.  

Perform a malware scan. Check your entire computer system for malware and double-check any unknown-looking files. A phishing email may have tricked you into downloading spyware or other malware. Also update your operating system, browser, plus software and apps. Outdated software is hacker heaven as it may contain security vulnerabilities!  

Avira Free Security offers a convenient blend of performance, online privacy, and protection, so you’ll have the bases mentioned above covered. The integrated Software Updater helps ensure you have regular, clean updates. VPN helps encrypt your communications for more private online browsing. It’s also packed with the anti-virus prowess of Avira Free Antivirus, which helps defend you against online threats, even the latest ransomware and spyware.  


Hackers don’t love you—they love your data 

Why is there such interest in your email address anyway? It’s great to feel loved, but these are affections you can do without. Often, an email address is just the first step. Personal and company email addresses are potential portals to your digital life, finances, and even identity for cybercriminals, giving them the tool they need to start executing their scams. They can use it to contact you and try to gain other useful personal details, such as your passwords and home address. If they gain access to your email account, they could stumble upon a treasure trove of data in your attachments and sent emails. Did you send a colleague your bank details via email, for example, so they could make a payment they owed you? Did you email a scan of your passport or an electricity bill to a company as proof of ID or address? Email accounts are often littered with personal information. Now imagine your personal or professional contact list in the hands of a malicious third party… They could be placed on hacker mailing lists and be targeted with spam or phishing campaigns.  

Like putting together the pieces of a digital jigsaw, cybercriminals can use your personal data to build up enough of a picture of you to gain access to your other online accounts—from social media platforms and online shops to financial services like PayPal. There’s a ripple effect that could have far-reaching consequences. Armed with your full name, date of birth, national insurance number and financial details, they could steal your identity entirely. This could lead to financial losses or damage to your personal and professional reputation. Did you hear of the poor guy who had 500 pizzas ordered in his name? Even if it is just an urban legend with an extra side of cheese, it’s still a cautionary tale. And please spare a thought for Nicole McCabe, who is famously known as possibly the unluckiest of all identity theft victims. An assassination squad stole her identity, and she was framed for the murder of a Hamas leader in Dubai. You’ve been warned… 

Perhaps the biggest lesson is that cybercriminals can target absolutely anybody—rich, poor, famous, huge corporations, and a single person. Don’t let your guard down, never share more than you need to online, and always have online security solutions from reputable experts in place.  

This post is also available in: GermanFrenchItalian

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.
Avira logo

Don’t let hackers steal your email address! Be cyber-savvy with Avira Free Security.   

Avira logo

Don’t let hackers steal your email address! Be cyber-savvy with Avira Free Security for Mac. 

Avira logo

Hackers love stealing login details! Help thwart them: Avira Mobile Security for iOS.  

Avira logo

Hackers love stealing login details! Help thwart them: Avira Antivirus Security for Android.