This guide has simple steps to follow if you are a victim of an email attack - whether that attack is hacking your email account or impersonating you by another method. Maybe a friend, colleague, or service provider has received a suspicious email from ‘you’, but you didn’t send it. The email may request payment for an invoice or ask to change bank account details. Alternatively, maybe you noticed you are receiving unusual emails in your own email account. They may be about suspicious login activity or unexpected password resets. You might have also noticed emails have been deleted or moved to different folders. These could be indicators of business email compromise or BEC. The first section will teach you how to respond to an email security incident and how to limit damage. The second part will help you protect yourself in the future. Some of these steps may not be applicable to every situation, consider your circumstances to determine whether you should complete the relevant step(s). Step 1: Report the incident Step 2: Check account security Step 3: Notify contacts and relevant third parties Step 4: Send a takedown request Step 5: Contact the email provider Protect yourself against the next attack Learn how to increase your email security so that you are not vulnerable. Step 6: Protect yourself from future email cyber attacks