Skip to content

What to do if the email account was hacked

If strangers have access to your e-mail account, the trouble is often great. But how can you tell if your account has been hacked and what can you do in an emergency?

Have you suddenly stopped receiving e-mails? Do acquaintances receive e-mails that identify you as the sender, but which were neither written nor sent by you? Mails that you have not even opened are nevertheless marked as read? All these are unmistakable signs that your e-mail account has been hacked. We tell you what measures you should take now.

The hack of the e-mail account is an attack on privacy, which, depending on the damage caused, can certainly be compared to a home burglary. So at first, the shock is likely to be deep. Nevertheless, you should definitely try to stay calm and then take a few countermeasures to keep the damage to a minimum.

First of all, if the worst-case scenario occurs, i.e. you can no longer access your e-mail account after it has been hacked, you need to contact the service department of your e-mail provider. The latter can restore the account, of course only in return for the corresponding legitimation. If (hopefully) this “worst case” scenario has not occurred, it is important to proceed thoughtfully and step by step. We tell you what to do.

Email account hacked? What to do now

1. virus scan

If your account has been hacked, you may be tempted to create a new password first in order to be able to read important, perhaps urgently awaited e-mails promptly. However, you should not do that at all, because otherwise there is a risk that the attacker will immediately get the new password as well. Therefore, the first step is to scan the computer with anti-virus software. Be sure to choose a “deep clean” for this, which will detect any kind of infection and render it harmless. Only when you can be sure that the device is free of Trojans, spyware, keyloggers, etc., does it become time to assign a new password.

2. change password

The new password for your email account should be more secure than the one that has been hacked, and it should be characterized by as different characteristics as possible. An obvious, even shorter term, such as “email account” or a number-word combination like “123Email”, is therefore out of the question. Instead, the longer the password, the more secure it is.

Small thought aids, such as a question to which only you know the answer, make it easier to remember even more complicated passwords. As a precaution, you should also write down the password, but never keep this note in the immediate vicinity of the computer. After all, you wouldn’t think of carrying your bank account PIN around in your wallet along with your debit card. By the way: If your e-mail account has already been hacked several times, it might make sense to think about moving, i.e. changing your provider.

3. all other online accounts

Unfortunately, changing the password for your e-mail account alone is not enough. The attacker is usually less interested in the content of mails than in personal data, especially those through which users manage their financial transactions. This means that you also need to change the passwords of all your other online accounts. It doesn’t matter whether it’s your bank account, credit card account, Netflix account or “just” your gym account.

Actually unnecessary to mention: It should always be an original password, i.e. a different one for each account. If users use one and the same password for all online accounts, such as credit institutions, online department stores, social media, etc., the attacker will have all the data at his fingertips as soon as he has hacked only the e-mail account. In short, every account needs its own password. It makes sense to set up a one-time password manager that manages all passwords. Users themselves then only need to remember the manager’s password.

4. inform contacts

If the e-mail account has been hacked, those affected should also inform family, friends, professional contacts, etc. as a precaution. Ask your contacts to stop downloading or even opening any attachments that have come from your account for the time being. Otherwise, there is a risk that your contacts’ accounts will also be infected with malware.

5. new security questions

To be absolutely sure to close all possible entry ports for the hacker again, you should also change your security questions. The same applies here as with the password: the more individual, the better. A security question about your favorite dish to which the answer is “pizza”, “steak” or “lasagna” is not too much of a challenge for a hacker.

6. security all around

Since the vast majority of users today not only use a computer, but also have other devices in use, such as notebook, tablet, smartphone, smartwatch, which are usually all networked together, it is advisable to subject these devices to an intensive virus scan as well.

7 Prevention is better than cure

To rule out the possibility of the email account being hacked (again), users should heed some advice for the future. Avoid clicking on links that come from a source you don’t know. Whether these links were sent via email or SMS, or reached you via Facebook, Instagram, Twitter, etc., the rule is always: don’t open them! It also goes without saying that personal data should never be shared with unknown sources.

And last but not least, you should consider that the enormous mobility of our society can also be a source of danger, as quite a few people spend more time on their laptops or smartphones every day than on their computers at home. Often, people then use a public WLAN network, such as that of a café or a hotel. It is therefore advisable to secure mobile devices with software designed for this purpose.


  • #aldi
  • Fraud
  • Security