What should you do if you suspect your email account has been compromised?

If you think your account has been compromised but you are not sure, it is better to err on the side of caution and follow these steps:

  • Log in to your email account and reset your password, choosing a strong password.
    • Use long passphrases to make passwords easier to remember and more secure.
    • Do not use information about yourself, the city where you were born, your age, or the names of relatives, friends, or pets.
    • Do not use common words such as the name of your favorite sports team.
    • If you are unable to log in, contact your email provider to find out how you can regain access.
  • End / sign out of all sessions on all devices.
    • Even after you change your password, if the attacker has an active session, they may be able to continue to send emails from your account.
  • Reset any additional accounts that the attacker may have gained access to.
    • These may include financial institutions, shopping sites, and social media sites. There may be references to these accounts in your email. Remember to use a unique password for each and every account. Otherwise, if one account is compromised, they all become compromised.
  • Enable Multi-Factor Authentication (MFA) on your email account.
    • This provides an additional layer of protection when logging in to your email account. It requires a code from a text message, phone call, or authenticator app to further verify access.
  • Review and change your security questions.
    • If your email account was compromised from a device or location not matching your normal usage, it’s possible a malicious individual was able to answer your security questions.
  • Review your mailbox for any rules that you have not previously created.
    • These rules can include message forwarding, deletion, or running unwanted applications.
  • Review outgoing messages and retract any malicious outgoing messages.
    • In most cases, the attacker will not leave traces of any outgoing messages, but this should still be checked.
  • Contact the people in your email address book and let them know that your email was compromised.
    • Remind them to delete any emails from you during the time your account was compromised to prevent them from becoming the next victim.
  • Check whether there is private or personally identifiable information in your email that could be used maliciously.
  • Establish a routine where you change your password periodically.
  • Scan your computer for viruses and malware.
    • This is especially important if you are experiencing problematic signs like unfamiliar applications loaded on your device, your computer operating slowly or problems shutting down.
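
The mailbox rule review above can be done systematically when your provider or administrator can export the rules. The following is an added example, not part of the original checklist: the rule format, field names, and sample rules are constructed for illustration and must be mapped to whatever your provider actually exports.

```python
from datetime import datetime

# Constructed sample rules; the schema (name/created/actions) is hypothetical.
SAMPLE_RULES = [
    {"name": "Newsletters", "created": "2023-01-10T09:00:00",
     "actions": [{"type": "move", "target": "Newsletters"}]},
    {"name": ".", "created": "2024-03-02T03:14:00",
     "actions": [{"type": "forward", "target": "collector@mail.example.net"}]},
    {"name": "Invoices", "created": "2024-03-02T03:15:00",
     "actions": [{"type": "delete"}, {"type": "mark_read"}]},
    {"name": "Sync", "created": "2024-03-02T03:16:00",
     "actions": [{"type": "run_application", "target": "updater.exe"}]},
]

def audit_rules(rules, own_domain, suspect_since=None):
    """Return (rule name, reasons) for each rule that needs a manual review.

    Flags the rule types the checklist names (forwarding, deletion, running
    applications) plus any rule created since the suspected compromise began.
    """
    findings = []
    for rule in rules:
        reasons = []
        for action in rule.get("actions", []):
            kind, target = action.get("type", ""), action.get("target", "")
            if kind in ("forward", "redirect"):
                # Compare the destination's domain with the account's own domain.
                external = target.rpartition("@")[2].lower() != own_domain.lower()
                reasons.append(f"{'external ' if external else ''}forwarding to {target}")
            elif kind == "delete":
                reasons.append("deletes matching messages")
            elif kind == "run_application":
                reasons.append(f"runs an application: {target}")
        created = datetime.fromisoformat(rule["created"])
        if suspect_since and created >= suspect_since:
            reasons.append(f"created {created:%Y-%m-%d %H:%M}, inside the suspect window")
        if reasons:
            findings.append((rule["name"], reasons))
    return findings

if __name__ == "__main__":
    for name, reasons in audit_rules(SAMPLE_RULES, "example.com", datetime(2024, 3, 1)):
        print(f"[review] rule {name!r}")
        for reason in reasons:
            print(f"    - {reason}")
```

Any rule it reports that you do not remember creating should be removed, and the forwarding address noted before deletion in case your provider asks for it.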
