top of page


If your e-mail account appears to have been hacked DON'T PANIC!

Here are a few simple steps to help you check the scale of the damage and get your account security back under control.

If your account has been hacked it is highly likely that someone stole your password and might be using your account to access your personal information or send junk e-mail to your contacts.

Step 1: Clear your PC of viruses or malware before you change your password.

If you have a good antivirus program installed, make sure it's up to date and then do a full scan of your system.


If you don't have antivirus software installed on your PC and you're running Windows 8.1 or 10 then don't worry you do have Windows Defender a basic anti virus programme installed as standard.


Click on the Start button in the bottom left of Windows 10 and then click on All Apps, then Windows System and Windows Defender, or type Defender into the search panel and select Windows Defender to bring up the software’s control panel. Choose the option to run a Full Scan on the right-side of the home page.

Step 2: Change or reset your password and security questions

After you run the antivirus app, sign in to your account and change your password. Make sure you create a strong password.


If you can't sign in, reset your password.

  • Make the new password significantly different from previous passwords.

  • Don't use the same password for different accounts.

  • Do use initials, numbers, and symbols.

  • Don't use a single word for your password like "password," "monkey," or "sunshine."

  • Make your password hard to guess even if someone knows a lot about you (avoid names and birthdays of your family or your favourite pet).

  • Don't use common passwords like "password," "iloveyou," or "12345678."

Set up 2 - step verification if it is an option.

With 2-Step Verification (also known as two-factor authentication), you add an extra layer of security to your account in case your password is stolen. After you set up 2-Step Verification, you’ll sign in to your account in two steps using something you know like your password or something you have, like your phone via text messages or a verification app.

Step 3: Check your account settings

Check settings to ensure that they have not been changed.

  • Email filters - Check to see if new filters have been created.

  • Sending name - Confirm your sending name and name on your account has not been changed.

  • Email signature - Confirm your email signature has not been changed - sometimes links may have been added

  • Reply-to address - Make sure replies to your emails are going to the right inbox. 

  • Send-only address - Check to see if a Send-only address has been added or changed.

  • Out of Office - Check to see if any automatic replies have been set up - sometimes links may have been added.

  • Default sending address - Confirm the address that pre-populates in the "From" field is right.

  • Blocked addresses - Make sure there aren't addresses blocked that you want to get email from.

  • Auto-forwarding address - Make sure your email isn't being forwarded to any unfamiliar email addresses. 

  • Your recovery phone number - Check to see if it has been changed

  • Your recovery email address. - Check if it has been changed

  • Your security questions - check if these have been changed or accessed

  • Apps with access to your account. - Check if this setting was turned on or off without your knowledge

  • 2-Step Verification - Check if it has been turned off 

  • Location Sharing - Check if this has been changed.

Step 4: Restore deleted email and contacts

If your e-mails and contacts have been deleted by the hackers some e-mail providers like Microsoft/Hotmail can detect that your account might have been hacked and will start saving your deleted messages in a safe place. You can select the Deleted Items folder and click on "recover items deleted from this folder"

Step 5: Secure other accounts


Don't just change your email password. Also change the passwords of any accounts that share the same password as your hacked e-mail account and even those that are variation of that password. As an extra security measure, also change the passwords for any sites that store your credit card information, like Amazon or e-Bay

Search for the word "password" in your mailbox to see if any other accounts might have been compromised. Change these passwords immediately; if they include critical accounts such as bank or credit card accounts, check your statements to make sure there are no suspicious transactions. 

Step 6: Let your contacts know

Let those in your contacts list know that your email was hacked and that they should not open any suspicious e-mails or click on any links in any email(s) that they recently received from you. 

Links for providers own guides and recovery facilities







Talk Talk

bottom of page