How to Check if Your Email Has Been Hacked

Learn to detect if your email account has been compromised. Check for unauthorized access, suspicious activity, and secure your account immediately.

1. Check your sent folder for unfamiliar messages. Open your email's Sent folder and scan recent messages for emails you didn't send. Look for spam, phishing attempts, or messages to your contacts requesting money or personal information. Hackers often use compromised accounts to send malicious emails to your contact list.
2. Review recent login activity. Access your email provider's security settings to view recent login locations and devices. In Gmail, go to Manage your Google Account > Security > Recent security activity. For Outlook, visit Security dashboard > Sign-in activity. Look for unfamiliar locations, devices, or login times when you weren't using your email.
3. Examine account recovery and forwarding settings. Navigate to your account settings and check recovery email addresses and phone numbers. Verify that email forwarding rules haven't been added to redirect your messages elsewhere. In Gmail, check Settings > Accounts and Import > Send mail as and Settings > Forwarding and POP/IMAP.
4. Monitor connected apps and permissions. Review third-party applications with access to your email account. In Gmail, go to Manage your Google Account > Security > Third-party apps with account access. Remove any unfamiliar applications or services you don't recognize. Check when each app last accessed your account.
5. Check for password changes and security alerts. Look for security notifications in your inbox about password changes, new device logins, or account recovery attempts you didn't initiate. Search your email for messages from your email provider containing terms like 'security alert,' 'password changed,' or 'new device.' These often indicate unauthorized access attempts.
6. Verify your email address on breach databases. Visit Have I Been Pwned (haveibeenpwned.com) and enter your email address to check if it appears in known data breaches. This service tracks major security incidents where email addresses and passwords were compromised. Review any listed breaches and their dates.
7. Change your password and enable two-factor authentication. Create a strong, unique password for your email account immediately. Enable two-factor authentication (2FA) through your provider's security settings. Use an authenticator app rather than SMS when possible. Sign out all other sessions to force re-authentication on all devices.