First published: 20 Sep 2023
Last updated: 10 Nov 2023

Content written for

Individuals & families
Small & medium business
Large organisations & infrastructure

Email accounts are valuable targets for cybercriminals. Not just because they store sensitive messages, but also because they can be used to impersonate the account owner, to spread scams, and to perform password resets. Email account compromise occurs when someone gets unauthorised access to your email account and can act on your behalf. It is important to know the signs that your email account has been compromised and the steps you can take to secure it.

What are the signs that your email account has been compromised?

  • You notice changes to your account that you didn’t make, such as emails in your inbox marked as read even though you’ve never opened them.
  • There are emails you don’t recognise in your deleted or sent folders.
  • Emails that you expect to receive don’t arrive in your inbox.
  • You received an unexpected password reset notification.
  • You’ve been automatically logged out of your account on all devices.
  • You can’t log in to your account, even though you know the username and password you’re using are correct.
  • Your contacts tell you they received an unusual or suspicious email from you.
  • Your account shows a last login time, location or device that looks wrong.
  • Your account provider alerts you to suspicious activity.

Has your business email been compromised?

If it is a business email that you are concerned about, see what to do if your business has been targeted by email fraud or compromise.

An account is also compromised if its login details have been leaked, even if there has been no suspicious activity yet. This could happen if you accidentally forget to log out of an account on a public computer, if another account with the same password is compromised, if your login details were in a data breach or if you were tricked into providing your login details as part of a phishing attack. Whatever the cause, you should take the steps listed in this guide to secure your account.

Call if you need support.

The Australian Cyber Security Centre has a 24/7 Hotline: 1300 CYBER1 (1300 292 371).

Call now if you need additional support, and in the meantime, keep calm and read this guide. It steps you through what you can do right now to limit the damage.

Was this helpful?
Yes this was helpful
No this was not helpful

Thanks for your feedback!

We welcome additional feedback below.

Was this information easy to understand?
Will you take action after reading this?
Did you find the information you were looking for?
Did the design and layout of this page meet your expectations?