Skip to main content

Step 2: Check account security

Icon of a shield with a tick in the centre of it

After any email incident you should review your account security - even if you’re not sure you have been hacked. Reviewing your account security will help you identify any intruders, regain control over your account, and help prevent you from getting hacked in the future.

Complete as many of the following steps as possible, or seek professional help:

  1. Change your password/passphrase
    It’s possible your old password has been compromised.
  2. Update your account recovery details
    Cybercriminals could change the recovery details on your account to give them a back door to regain access.
  3. Sign out of all other sessions
    Signing your email account out of all devices will remove the cybercriminal’s access to your emails.
  4. Enable multi-factor authentication
    Turning on multi-factor authentication is the most important defence against cybercriminals.
  5. Check account mail settings (including mailbox rules)
    Check if your account has any email forwarding rules and delete any you don’t recognise.
  6. Check third party application access
    Have you ever linked your account to a third party service? This connection could be a way for cybercriminals to gain access to your email account.
  7. Check login activity
    Regularly review your login activity to check if your email account has been accessed at unusual times or from unusual locations.
  8. Check your email folders, devices and other accounts for suspicious activity
    Check your email folders, specifically your sent and deleted items, to assess what actions a cybercriminal has taken.

Need further assistance?

For more detailed information on how to check your account security, read the ACSC’s Step-by-Step Guides: Check Account Security for Gmail and Check Account Security for Outlook.

Was this information helpful?
Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it