Compromised Email Account? Here’s What to Do

An email account can be compromised in many ways. Weak passwords, breaches of other online services, clicking on malicious links, or downloading infected files or apps can all put your account at risk.

This guide will help you identify warning signs, recover your account, and prevent future compromises.

How to Tell if Your Email Account is Compromised

Watch for these warning signs:

  1. Unable to access your account

    • An attacker may have changed your password to lock you out.
  2. Contacts receive emails you didn’t send

    • Hackers often send spam or phishing emails from compromised accounts.
  3. Unusual social media activity

    • If your email is linked to social media, attackers may gain access to those accounts too.
  4. Strange messages in your Sent folder

    • Messages you didn’t send, or messages that have been deleted or gone missing, can indicate compromise.

Steps to Take if Your Account is Compromised

  1. Reset your password immediately

    • Use a strong, unique passphrase. Avoid personal info, pet names, or common words.
    • If you can’t log in, contact your email provider for help.
  2. Sign out of all devices and sessions

    • Ensures attackers are removed from active sessions.
  3. Reset other accounts

    • Check financial, shopping, and social media accounts. Use unique passwords for each account.
  4. Enable Multi-Factor Authentication (MFA)

    • Adds a second layer of security via a text, phone call, or authenticator app.
    • Learn more at STOP.THINK.CONNECT.
  5. Review security questions and mailbox rules

    • Remove any unauthorized forwarding, deletion, or filtering rules.
  6. Notify your contacts

    • Tell them to delete suspicious emails sent from your account.
  7. Scan your device for malware

    • Look for unusual applications, slow performance, or other signs of infection.

How to Prevent Future Email Compromises

  1. Keep devices and software up-to-date

    • Install updates for your operating system, apps, and antivirus software.
  2. Use strong, unique passwords

    • Never reuse passwords across multiple accounts.
  3. Be cautious with emails

    • Verify the sender’s address.
    • Avoid clicking links or opening attachments in unexpected messages.
    • Hover over links to check their destination before clicking.
  4. Enable Multi-Factor Authentication (MFA)

    • Adds extra protection even if your password is stolen.
  5. Avoid public computers or Wi-Fi for sensitive accounts

    • Public networks can expose your login credentials.
  6. Monitor account activity regularly

    • Check for unusual login attempts or outgoing messages.

Quick Tips: Top 5 Actions

  1. Use strong, unique passwords for all accounts.
  2. Enable Multi-Factor Authentication (MFA).
  3. Avoid clicking suspicious links or opening attachments.
  4. Keep devices and security software updated.
  5. Monitor accounts for unusual activity regularly.

