Signs Your Email Account Has Been Hacked
Your email account is the most valuable target for criminals. It controls password resets for your bank, social media, shopping accounts — everything. A hacked email account can quickly cascade into a hacked life.
The good news: there are clear, detectable signs that something is wrong. Here is what to look for.
7 Warning Signs to Check Right Now
1. Emails in Your Sent Folder You Did Not Write
This is one of the clearest signs. Log in and check your Sent folder — look for emails to contacts you would not normally message, or messages containing links or requests for money.
2. Your Contacts Are Receiving Emails from You That You Did Not Send
If a friend or family member tells you they received a suspicious message from your email address, your account is likely compromised. Do not wait for this to happen — check your Sent folder proactively.
3. Password Reset Emails You Did Not Request
If you see emails from services — your bank, Amazon, PayPal, social media — saying a password reset was requested and it was not you, a criminal has access to your email and is trying to take over your other accounts.
4. Forwarding Rules or Filters You Did Not Set Up
Criminals frequently create silent email forwarding rules so they receive a copy of everything you send and receive — even after you change your password. Check:
- Gmail: Settings (cog) → See all settings → Filters and Blocked Addresses; and Forwarding and POP/IMAP
- Outlook: Settings → Mail → Rules
- Apple Mail: Settings → Rules
Delete any rules or forwarding addresses you did not create.
5. Unrecognised Devices in Your Login History
Most email providers show a list of recent logins and devices. Check for locations, devices, or times you do not recognise:
- Gmail: Scroll to the bottom of your inbox → “Last account activity” → Details
- Outlook: account.microsoft.com → Security → Sign-in activity
6. Your Password Has Stopped Working
If you cannot log in at all, the criminal may have changed your password. This is urgent — use the account recovery option immediately before the recovery phone number or backup email is also changed.
7. Your Email Address Appears in a Known Data Breach
Check haveibeenpwned.com — enter your email address to see whether it has appeared in a known data breach. If your password was exposed, change it immediately even if you see no other signs of compromise.
Not sure if your account is fully secure?
Cyber Nova AI gives you a personalised security checklist — including account checks, two-factor authentication setup, and a step-by-step recovery guide. NCSC-aligned. Free to start.
Get my free security planWhat to Do If You Spot Any of These Signs
Need a complete diagnostic?
Our main guide covers every type of account and device: Am I Being Hacked? Signs and What to Do Right Now →
For step-by-step account recovery guidance, see our How to Recover a Hacked Account →
Frequently asked questions
How can I tell if someone is reading my emails without my knowledge?
Check for email forwarding rules you did not create (Settings → Filters/Rules on Gmail, Outlook, or Apple Mail). Also review your login history for unrecognised devices or locations.
What should I do first if my email has been hacked?
Change your password immediately and enable two-factor authentication. Then check for forwarding rules you did not create and remove unrecognised active sessions.
Can I recover a hacked email account?
Yes. Use your email provider's official account recovery process — Gmail: accounts.google.com/signin/recovery; Outlook: account.live.com/password/reset. For step-by-step guidance see our account recovery guide at /how-to/recover-hacked-account.
Protect yourself before it happens again.
Cyber Nova AI gives you a personalised cybersecurity plan based on NCSC guidance — strong passwords, two-factor authentication, and account security checks. Free to start.
Start my free security plan