Email accounts are vulnerable to breaches, meaning any account can be hacked and used by someone else. If you think someone has logged into your email account without your permission, there are some steps you can take to limit the damage and get your account back under control fast. Here’s what to do if you think someone has logged into your email account.
Look at their recent logins
Logging in from a new location may be a red flag. If you see something suspicious, try using Have I Been Pwned, a searchable database of email hacks where hackers often publish their victims’ email addresses online. Find yourself on there? You should change your password immediately and then add two-factor authentication so that anyone trying to log in from anywhere other than your computer won’t be able to access it. For added security, look at setting up an email address dedicated just for banking or shopping (like [email protected]). This way, any emails sent to that address will require additional verification. Lastly, keep an eye out for phishing emails—even ones that appear to come from reputable sources like Amazon or Google. They can still steal your information even when they appear legitimate!
Check their sent mail
An easy way to tell if someone else is logging into your email is by looking at recently sent emails. This should be a no-brainer, but don’t forget that just because you haven’t sent an email recently doesn’t mean they aren’t checking out your inbox and responding using their own name. Simply click on sent mail, which will display all outgoing emails in reverse chronological order (the most recent will be at the top). Clicking on any of these entries will reveal more information, including who it was sent to and when it was sent. If you see something that looks suspicious or dated within hours of when access would have been granted, odds are good that something fishy is going on.
Search for unusual attachments
The most obvious sign that you’ve been hacked is an unusual attachment. So, check your inbox (and spam folder) for any attachments you didn’t send yourself. If there are any attachments that look like they weren’t sent by someone in your contacts, forward them to yourself so that it looks like it came from an email address you know. Then delete them. If it keeps happening, contact Gmail Support immediately. They can help figure out what happened and give you advice about what to do next (if anything). It’s also a good idea to change up your password—you should be doing that regularly anyway! If you have two-factor authentication enabled on your email, Google will ask you to enter a code when logging in from an unrecognized device. This makes it harder for hackers to access your email because they don’t have access to your phone number or security key. If all of these steps sound complicated or scary, just start using a new email address instead of changing passwords or enabling two-factor authentication with your current one. You could even create one specifically for online shopping sites so that they don’t get mixed up with other accounts. You might want to keep separate emails for work and personal use as well—that way if something gets compromised at work, it doesn’t affect personal stuff too much.
Check social media accounts
It’s very easy for people with basic computer skills to gain access to email accounts. Knowing that it’s important for users of web-based email services such as Gmail, Hotmail, or Yahoo Mail who are concerned about unauthorized logins from their accounts to periodically check their social media presence – specifically Twitter, LinkedIn, and Facebook – and make sure they haven’t posted any suspicious messages. This may sound like a tall order, but doing so can help you catch any uncharacteristic activity before it causes serious problems. That said, simply checking an online profile every once in a while won’t cut it; being on guard 24/7 is far more effective when it comes to protecting yourself against cybercriminals looking for a quick way in.
Change your password
If you suspect that someone may have gotten access to your email account, change your password. It’s better to change it sooner than later. You should also make sure that every other service or app connected with your email has updated its settings as well. Most sites let you edit things like security questions and recovery emails—make sure these are up-to-date, too. Finally, consider turning on two-factor authentication (2FA). This gives an added layer of protection in case anyone else tries logging in on a new device by making them enter a code sent to a trusted phone number or app first. Most popular apps support 2FA nowadays so it’s worth looking into whether yours does as well.