What to Do If Your Email Is Hacked: A Step-by-Step Recovery Guide
Your email is the master key to your digital life. If a hacker gets access, they can reset passwords for your bank, social media, and shopping accounts. Here is exactly what you need to do to recover your account.
Step 1: Try to Log In and Change Your Password
If you can still access your account, immediately change the password. Use a strong, unique password generated by a reliable password generator.
Step 2: Use Account Recovery Options
If you are locked out, use the "Forgot Password" or account recovery page. Providers like Google, Microsoft, and Yahoo will ask for your recovery email or phone number.
Step 3: Enable Two-Factor Authentication (2FA)
Once you regain access, turn on 2FA immediately. This requires an extra code from your phone or an authenticator app, making it extremely difficult for hackers to log in again. Read our complete 2FA guide.
Step 4: Check for Email Forwarding Rules
Hackers often set up rules to forward your incoming emails to their own address. Check your email settings for any unknown forwarding rules or filters and delete them.
Step 5: Review Connected Apps and Services
Go to your email provider's security settings and review all connected third-party apps. Revoke access for any apps you don't recognize or no longer use.
Step 6: Alert Your Contacts
Let your friends, family, and colleagues know your email was compromised so they don't click on any phishing links sent from your address.
Step 7: Monitor Your Other Accounts
Check your bank accounts, social media, and any services linked to your email for suspicious activity. Change passwords for critical accounts as a precaution.
Preventing Future Hacks
- Use unique passwords: Never reuse passwords across sites
- Enable 2FA everywhere: Use authenticator apps over SMS when possible
- Be phishing-aware: Don't click suspicious links or download attachments
- Keep recovery options updated: Ensure your backup email and phone are current