What to do if your email has been hacked

Your email is the most important account you have, because it can reset the password on almost everything else. So if it has been hacked, treat it as urgent. Here is exactly what to do, in order.

Signs your email has been hacked

  • You suddenly cannot log in, or your password no longer works.
  • There are messages in your Sent folder you did not write.
  • Contacts tell you they have had spam or odd requests from your address.
  • You are getting password-reset emails for other services you did not request.
  • Emails are going missing, or you spot new rules, filters or forwarding you did not set up.

Do these steps, in order

  1. Get back in. Use your provider’s account-recovery process (Gmail, Outlook and the rest all have one). If the attacker changed your recovery details, recovery can take a little persistence.
  2. Change your password to something long and unique you have never used elsewhere. A password manager makes this easy.
  3. Turn on two-factor authentication. This is the single biggest thing that stops it happening again. See our 2FA guide.
  4. Undo the attacker’s quiet changes. This is the step most people miss. Check your settings for forwarding rules, filters, auto-replies, and changed recovery email or phone numbers. Attackers often set a hidden forward so they keep reading your mail even after you have changed the password. Remove anything you did not set up.
  5. Sign out everywhere and review connected apps. Most email accounts let you sign out all other sessions and see which apps have access. Revoke anything you do not recognise.
  6. Check the accounts tied to that email, especially banking and shopping. Reset the password on any that shared the same one, and check whether your details have turned up in a breach with Have I Been Pwned.
  7. Warn your contacts, since the scammer may already be messaging them while pretending to be you.

The fix that lasts: a unique password plus two-factor authentication on your email closes the door for good. It is worth doing even before anything goes wrong.

If money or a scam is involved

If the hack led to money being taken or a scam, act quickly using our guide on what to do if you’ve been scammed. And if your phone might be the way in, see how to tell if your phone has been hacked.