How to Check If Your Email Has Been Hacked

Your email account is the master key to your digital life. If it’s compromised, attackers can reset passwords, impersonate you, and steal personal data.

Here’s how to tell if your email has been hacked, and what to do immediately.

Warning Signs Your Email May Be Compromised

Look for these red flags:

• Password reset emails you didn’t request
• Login alerts from unfamiliar locations
• Sent messages you don’t recognize
• Contacts receiving spam “from you”
• New inbox rules you didn’t create
• Emails marked as read that you never opened

If you see two or more of these signs, assume compromise.

Check Your Account Activity (Gmail, Outlook, etc.)

Most providers show recent login activity.

In Gmail:

• Scroll to bottom of inbox
• Click “Details” next to Last Account Activity

In Outlook:

• Visit Microsoft account security dashboard
• Review “Review Activity”

Look for:

• Unknown devices
• Foreign IP locations
• Suspicious timestamps

Check Forwarding and Email Rules

Attackers often set up hidden rules that:

• Forward copies of your emails to them
• Delete security alerts
• Hide financial messages

In your settings, review:

• Forwarding addresses
• Inbox rules
• Filters
• Connected accounts

Remove anything unfamiliar immediately.

How Email Accounts Get Compromised

Common causes:

• Phishing login pages
• Reused passwords from data breaches
• Malware stealing credentials
• Approving fake MFA prompts

For phishing detection help, read our Email Phishing: Complete Guide to Prevention (2026).

What To Do Immediately

If you suspect compromise:

1. Change your password (use a different device if possible)
2. Enable multi-factor authentication (authenticator app preferred)
3. Sign out of all active sessions
4. Review recovery email and phone number
5. Remove suspicious inbox rules
6. Scan your device for malware

Prevent Future Compromise

Long-term protection requires:

• Unique passwords for every account
• A password manager
• MFA enabled everywhere
• Securing your email account first

If your email is compromised, other accounts may follow. Act fast.

Quick Reference

• Check login history
• Review forwarding/rules
• Change password immediately
• Enable MFA
• Monitor financial accounts

Email security is identity security.

Read next:

• Account Security Guide (2026): Passwords, MFA, Phishing
• How to secure your email account
• What is multi-factor authentication
• What is identity theft and how to protect yourself