How to Recover a Hacked Email Account

Step-by-step guide to regain access to your compromised email account, secure it from further attacks, and protect your data from hackers.

  1. Attempt account recovery from a trusted device. Navigate to your email provider's sign-in page and click 'Forgot password' or 'Can't access your account.' Enter your email address and follow the recovery prompts. Check for recovery emails on alternate email addresses or SMS messages on your registered phone number.
  2. Contact your email provider's support team. If automated recovery fails, contact customer support through their official website or phone line. Provide account details like your full name, alternate email addresses, recent emails sent, and account creation date. Request manual account verification and password reset.
  3. Change your password immediately. Once you regain access, create a strong, unique password with at least 12 characters including uppercase letters, numbers, and symbols. Avoid using personal information or previously used passwords. Update the password immediately through your account security settings.
  4. Enable two-factor authentication. Go to your account security settings and enable two-factor authentication using your mobile phone number or authenticator app. Choose app-based authentication over SMS when available for stronger security. Complete the verification process and save backup codes.
  5. Review and revoke suspicious account access. Navigate to your account's security or privacy settings and check recent login activity. Look for unfamiliar IP addresses, locations, or device types. Revoke access for any suspicious sessions and devices you don't recognize.
  6. Check and restore email settings. Review your email forwarding rules, filters, and signature settings for malicious changes. Delete any unauthorized email forwarding addresses and suspicious filters. Check your sent folder for emails you didn't send and warn affected contacts about potential phishing attempts.
  7. Update linked accounts and services. Identify all services connected to your email account including social media, banking, and shopping sites. Change passwords for these accounts immediately, prioritizing financial and sensitive services first. Remove your compromised email from any services you no longer use.
  8. Scan devices for malware. Run full antivirus scans on all devices that accessed the compromised account. Update your antivirus software and operating system before scanning. Remove any detected threats and consider using a dedicated anti-malware tool for thorough cleaning.

Related

  • How to Set Up Privacy on Social Media
  • How to Check for Data Breaches
  • How to Use a Password Manager Effectively
  • How to Remove Personal Information from Google
  • How to Set Up Encrypted Messaging
  • How to Use Privacy-Focused Browsers