Skip to Content
© Weerapat Kiatdumrong |

5 clues that your email has been hacked

Scams are rising, and more people are falling for phishing attacks and email hacks than ever. Tap or click here to see how COVID-19 scams have become rampant.

Just think about how many times a day you open an email from someone you trust and click a link or download an attachment. Every one of those times is a chance for an enterprising cybercriminal to fool you.

If you’re worried your email account may have already been compromised, here are five clues to check for. Plus, we’ll show you four steps you can take to protect yourself.

1. Did you actually send these?

If you’re worried your account has been hijacked, check your Sent and Drafts folders for emails you didn’t write.

Using email accounts owned by real people bolsters a phishing campaign’s credibility. When your email gets hijacked by a hacker or malware, they’re often added to an arsenal of compromised accounts that further spread phishing campaigns.

This is the reason you’ll sometimes receive shady emails from contacts you know. More likely than not, their account was cracked open and their email address is being used as a spambot.

When you’re looking through sent mail, check the recipients, as well as when the emails were sent. If you don’t remember sending those communications, that’s a key sign your account has been compromised.

It’s also worth checking your Sent and Drafts folders for messages with attachments, a primary vector for phishing malware. If you don’t remember sending or composing emails with attachments, that’s as big of a red flag as you can find.

Your contacts may even reach out about receiving strange emails from you.

2. Did you actually change your passwords?

A compromised email account is a golden ticket for any aspiring hacker. Once they get inside, they can attempt to crack accounts associated with that email address. You need to make sure those passwords weren’t changed without your knowledge.

To do this, search your inbox and use terms like password reset, password verification or password changed successfully. Look carefully through the messages that appear, and make a note of their date and time.

If you see recent password changes for accounts you own, you’ll need to reset those passwords again on the other platforms before changing your email password. Without doing this, the hacker could perform another reset after you’re done. We’ll go over changing your password in greater detail below.

3. Did you actually read those emails?

Email accounts typically let you sort through messages by read or unread status.

But if a hacker gets into your email address, all bets are off. While they’re rummaging through your emails for personal data, they’re likely to open and close your messages arbitrarily.

Read emails are usually presented in a standard, unbolded format, while unread messages are bolded. If you know your inbox was full of unopened messages that are now mysteriously marked as read, you may have a hacker on your hands.

Check through as many read messages as you can, and make sure they don’t contain personal data before taking additional steps like resetting passwords.

4. Did you actually trash these emails?

Not only do hackers rummage through your emails willy-nilly, but they’ll sometimes erase emails without thinking about the consequences. This means you could lose important pieces of data that could clue you into what happened during the hack — including accounts they may have compromised. So much for destroying the evidence.

When you’re checking emails for signs of a threat, look in the trash and scan carefully for signs of disarray. If you see an important email trashed that you wouldn’t have thrown away otherwise, your account may have been attacked.

5. Did you actually log in?

Most email services let you check login activity, including the IP addresses or locations used to access your account. Some even show the browsers or devices used.

To do this in Gmail, open your email account in a browser, then scroll to the bottom of your inbox. In the bottom right corner, you’ll see Last account activity, followed by a time. Click Details underneath to see a list of access types (browser, mobile, POP3, etc.), IP address and date and time.

If you see a location or device you don’t recognize, that’s cause for concern.

The next thing you’ll need to look for is login alerts for accounts associated with your email address. Many platforms will automatically send you an email when you log in from a different IP address than usual. This is designed to prevent fraud and alerts you of an unauthorized login.

From your inbox, search for terms like login, logged in or signed in. Leave no stone unturned, and write down anything you find for later. You might need to reset your passwords again or lock them with a system like two-factor authentication. Keep reading for more on that.

Protecting yourself going forward

Now that you know what signs to look for, here’s what you need to do to take action against account intruders.

Set up two-factor authentication to protect yourself

Two-factor authentication, or 2FA, adds an extra layer of security to your email account. Once it’s set up, you’ll get an alert any time someone tries to log in from an unknown device.

To set up 2FA, you’ll need your smartphone on hand. When it’s set up, you’ll get a text message with a code to enter every time you log in. Without the code, you won’t be able to access your email. And if a hacker gains access to your account, they won’t be able to get into it without your phone physically in front of them.

Now, 2FA is by no means mandatory, but we can make the case it should be for email accounts due to the sensitive information they contain. Tap or click your email service below for instructions on setting up two-factor authentication.

While you’re at it, you should also set up 2FA on any other online accounts you frequently use — including social media. You can’t be too careful. Tap or click here to see how to set up 2FA for Facebook, Twitter and Dropbox.

Verify your recovery email and phone number

This goes hand-in-hand with setting up 2FA, which requires your phone number to function.

You can set a backup email to reset your password in case you get locked out. We recommend keeping this email hidden from any other platforms; don’t use it to sign up for accounts but keep it as your private backup. It’s not much of a security feature if your recovery email can be compromised, too.

You may have set up account recovery details when you first opened your email account or you skipped out on this step. Tap or click your email service below for instructions.

Change your password to something stronger

When it comes to cybersecurity mistakes, sharing your email password with other accounts is one of the worst. If a hacker gets access to your email password, it’ll be the first thing they try with other accounts you own. With phishing attacks on the rise, weak passwords aren’t going to cut it.

Here’s what you should do to make your password as secure as possible:

  • Use long and complex passwords that alternate between letters, numbers and symbols.
  • Don’t use identifying information like your name, birthday, pets name or hometown in your password. These are easy pieces of data for hackers to find, and once they do, they can compromise your system easily.
  • Avoid common or simplistic passwords, no matter how tempting they may be to use. Options like “password1,” “12345” and “letmein” are unfortunately common and are ranked as some of the weakest passwords on the web. 
  • Don’t share your passwords across multiple accounts. If one account is compromised, hackers will try to match the password to as many of your other accounts as they can.
  • As we mentioned above, always use 2FA if the option is available. It may add an extra step to the login process, but the added security pays off in spades.

After you change your password, update your security questions, too. For more tips on creating better passwords, tap or click here to read our complete guide to secure passwords.

Keep an eye on your email address

HaveIBeenPwned monitors hacker sites and collects new data every five to 10 minutes about the latest data breaches and exposures. This includes your email address, usernames, passwords and other personal information.

Enter your email address, and HaveIBeenPwned will check to see if it’s been compromised in a data breach. If it has, you’ll see a list of sites that have exposed your data and what exactly was leaked.

You can click Notify me at the top of the page and HaveIBeenPwned will alert you if your email address shows up in any list of hacked information going forward.

The bad news is that there are many people out there looking to break into your accounts for their gain. The good news is there are effective steps you can take to protect yourself. Take these steps to lock down your email account, and if nothing else, change your password.

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me