
What to do if your email has been hacked, according to a tech expert

A compromised inbox puts your personal data at risk – our experts explain how to regain access to your messages and files
Conor Houlihan, Technical Support Adviser

Conor built his first computer over 20 years ago, and uses his extensive tech expertise to help Which? Tech members avoid scams, fix issues and protect their data

Tom Morgan, Senior Consumer Writer

With over a decade of experience at Which?, Tom covers everything from tech advice to money-saving tips, and highlights the best deals during major sales events.


If you suspect a hacker has accessed your email inbox, you need to act immediately and change your password as soon as possible.

With access to your emails, a hacker could potentially take over your other online accounts by requesting password resets and intercepting the recovery links. They might also use your inbox to impersonate you, tricking your contacts into sending money or sharing personal data.

Below, we explain how to recover your Gmail, Outlook or Apple Mail inbox. Even if you're not currently dealing with a security threat, it's still worth reading through our walkthrough to make sure you're prepared.


How do I get my email account back?

'I've just received some phone calls from my friends and family notifying me that they have received an email from my Gmail account asking for a gift card.

'It looks like my email address has been hacked – what can I do?'

Which? Tech Support member

How to recover your inbox

1. Recover the account and change the password


Assuming you can still access your account, it’s best to change your password immediately to a strong, unique one that hasn’t been used elsewhere.

  • In Gmail: Select your user icon (top right-hand corner), then Manage your Google Account. Choose Security and sign-in > Password.
  • In Outlook: Select your user icon (top right-hand corner), then My Microsoft account. Go to Security and choose Change password.
  • For Apple accounts on Mac: Select the Apple menu and choose System Settings. Click your Apple ID and select Sign-In & Security > Change Password.

If the hacker has changed your password, then you need to go through the account recovery process. This involves choosing the Forgot password option when attempting to access your account, then verifying your identity using a phone or alternative email address. Some services (including Gmail) will also offer the opportunity to push a notification to a linked mobile phone.

Once your identity has been verified, you can set a new password.

Check your recovery details

While you’re in your account’s security settings, review your recovery email address and phone number. Hackers sometimes add their own contact details so they can regain access later. Remove any details you don’t recognise and make sure your listed recovery options are correct and up to date.

What makes a strong password?

When setting a password for your online accounts, avoid common words or phrases. Make sure not to include personal information, such as names or birthdays.

Instead, use a mixture of uppercase and lowercase lettering, plus numbers and special characters/symbols. It's also worth using unique passwords for every account you manage to avoid a single data breach putting all your accounts at risk.

For more tips, including using password managers, see our full guide on how to create secure passwords.

2. Log out of all other devices


Not all email services offer this feature, but popular providers such as Google, Microsoft and Apple do.

In your account’s security settings, you’ll find an option to view devices currently logged into your account. If you don’t recognise a device or location, you can select it and sign it out.

  • In Gmail: Select your user icon (top right-hand corner), then Manage your Google Account. Choose Security and sign-in > Device and select the problematic device. Click Sign out.
  • In Outlook: Select your user icon (top right-hand corner), then My Microsoft account. Select Devices and remove any you don't recognise.
  • For Apple accounts on Mac: Open System Settings and click your Apple ID. Scroll to the bottom to see a list of all devices connected to your Apple ID. If you see a device you don’t recognise or want to remove, click Remove from Account.

3. Check your auto-forward settings


When hackers gain access to an email account, they often enable auto-forwarding so they can continue receiving your messages even after you recover the account and change the password. This setting is easy to overlook and could allow hackers to maintain access to sensitive emails, leaving you vulnerable to further attacks.

To check for auto-forwarding, go to your email account settings and look for the forwarding or auto-forward option.

  • In Gmail: Select Settings > See all settings. Choose Forwarding and POP/IMAP and then select Delete any forwarding setup.
  • In Outlook: Go to Settings > Email > Forwarding and IMAP. If you see any forwarding set up, click Disable forwarding and then select Save.
  • In iCloud Mail: Click the gear icon, then choose Settings. Select Mail Forwarding. If forwarding is enabled and you don’t recognise the address, uncheck 'Forward my email to' or remove the address. Optionally, uncheck 'Delete messages after forwarding' if it's selected.

4. Examine your inbox filters


Hackers might set up filters on your email account to block, delete or move emails into random folders to confuse you.

Within your account settings, there will be an option for filters and rules – we recommend deleting any that you have not set up yourself. 

  • In Gmail: Select Settings > See all settings. Under Filters and blocked addresses, check carefully for any unknown or new ones and delete.
  • In Outlook: Go to Settings > Email > Rules. Review the list and delete any rules you did not create yourself.
  • In iCloud Mail: Click the gear icon, then Settings. Go to the Rules tab and review each rule. If you find one you didn’t create or don’t recognise, click the trash icon to remove it.


5. Notify your contacts

While they had access, the hacker might have used your account to send phishing emails or copied your contact list for later use.

With this in mind, it’s best to let your contacts know that your account has been compromised. This can help prevent the spread of phishing attacks.


6. Look over your other accounts

Any other online accounts that share the same or a similar password to the one the hacker used to gain access should be changed.

It is crucial to use completely unique passwords for each online account to prevent a domino effect, where one breach leads to the compromise of multiple accounts. The hacker may also have accessed other accounts by using your email for verification. It’s recommended to change the passwords for any accounts containing sensitive data.


How to prevent your email getting hacked again

  • Use a unique, strong password for each and every account. Consider a password manager.
  • Enable two-step verification in your email account settings. (See also: What is two-factor authentication?)
  • Use an authenticator app if supported by your account. 
  • Keep your account recovery options up to date.
  • Regularly review your account activity, such as logged-in devices.
  • Be careful when using public wi-fi to access your accounts. (See also: How to keep your data safe when using public wi-fi)
  • Keep your PC apps updated, as updates are used to patch security vulnerabilities.
