How did they get my password?

Most commonly through 'credential stuffing' - using passwords from other website breaches. If you reused a password from a site that was hacked (LinkedIn, Adobe, etc.), attackers try that password everywhere.

Should I tell the police?

If money was stolen or fraud committed, yes - report to Action Fraud (0300 123 2040). For a 'simple' account compromise with no financial loss, police typically can't help, but the report creates a record.

Can they read my old emails?

If they had access before you changed your password, yes. Check your email for anything sensitive - password resets, financial documents, personal information - and take appropriate action.

Will this happen again?

Not if you enable two-factor authentication and stop reusing passwords. These two steps prevent 99% of account compromises.

What if it's my work email?

Tell your IT department or provider immediately. They can check for broader compromise and reset your account properly. Don't try to hide it - the faster they know, the faster they can contain any damage.

Your Email Has Been Hacked - Here's What To Do

Discovering your email has been compromised is scary. You might have spotted suspicious sent messages, received password reset alerts you didn't request, or been locked out entirely. Take a breath - this is fixable. Here's exactly what to do, step by step.

Need Help Securing Your Business Email?Call 01584 517 234

Does This Sound Familiar?

Common signs you're experiencing this issue

Emails in your Sent folder you didn't write
Password reset notifications you didn't request
Contacts asking about strange messages from you
Unable to log in - password changed without your knowledge
Unfamiliar devices or locations in your account activity

What's Causing This?

Understanding the root causes helps find the right solution

Password Reuse

Using the same password across multiple sites means one breach exposes everything.

Phishing

A convincing fake login page captured your real password.

No Two-Factor

Without a second verification step, a stolen password is all attackers need.

Shoulder Surfing

Someone watched you type your password in a public place, or your screen was visible.

How We Can Help

Practical solutions to resolve your issues

Change Password Immediately

Use a strong, unique password you've never used anywhere else.

Enable Two-Factor Authentication

Add a second verification step so passwords alone aren't enough.

Check Account Activity

Review connected devices and recent logins - remove anything unfamiliar.

Alert Your Contacts

Warn people in your address book to ignore suspicious messages.

Step 1: Regain Access
If you can still log in, change your password immediately. Make it long (12+ characters), unique, and unrelated to your personal information. If you're locked out, use your email provider's account recovery option - usually involving a backup email or phone number.

Step 2: Enable Two-Factor Authentication
This is the single most important step. With two-factor enabled, even if someone steals your password, they can't access your account without also having your phone. Every major email provider offers this - turn it on now.

Step 3: Check for Damage
Look for:
- Email forwarding rules (attackers often forward your emails to themselves)
- Connected apps with access to your account
- Password reset emails for other services (banks, shopping sites)
- Sent emails you didn't write

Step 4: Secure Other Accounts
If you used the same password elsewhere (we know, everyone does it), change those passwords too. Attackers will try your email password on banking sites, social media, and shopping accounts.

Step 5: Tell Your Contacts
Send a quick message letting people know your account was compromised. This prevents them falling for scam messages sent from your address.

Going Forward
Consider using a password manager - it generates and remembers strong unique passwords for every site. This removes the temptation to reuse passwords.

Frequently Asked Questions

Common questions about this issue

Ready to Fix This?

Let's get your IT working properly

Need Help Securing Your Business Email?View Pricing

Trusted By Local Heroes

Don't just take our word for it.

"Well all I can say is a big shout out to Sam James BSc at Fresh Tech for literally swooping into rescue🦸‍♂️ my computer from being hacked within seconds. Thank goodness I outsource to companies who know what they are doing."

Carole Aveson

CAA Administration Services