This article is posted with permission from our partner MacPaw. MacPaw makes Mac + iOS apps that have been installed on over 30 million devices worldwide. Freelancers Union members receive 30 days of free unlimited access to CleanMyMacX and Setapp: https://freelancersunion.org/resources/perks/macpaw/

Our emails store everything from client contracts to grandma’s best cookie recipe. Naturally, someone’s snooping around in our inbox feels like discovering an uninvited stranger sleeping in our bed. It’s unsettling, intrusive, and downright dangerous. From stolen client information to identity theft, the fallout of a hacked email can be serious.

But Moonlock, a cybersecurity division of MacPaw, is here to show you how to take back control over your email. Here’s a full breakdown of how to spot the signs of a hacked email, what steps to take, and how to safeguard your inbox from future attacks.

Signs your email has been compromised

Cybercriminals get sneakier every day, but their actions still leave behind digital breadcrumbs. Some of these signs might hit you over the head, while others require a closer look. Either way, catching these red flags early is key.

You’re locked out of your account

If you’re suddenly unable to log in, and your password doesn’t work –– you’ve likely been hacked. The first thing attackers do is lock you out by changing your password and recovery settings (including two-factor authentication if you had it). This move hands them full control of your account.

Unsolicited login notifications

Are you getting random push notifications or emails asking if you were trying to log in? These warnings mean someone is tampering with your account. Don’t ignore them –– change your passwords at once and report the incident via app support.

Suspicious activity

Ever logged into your email to find weird messages you don’t remember sending? Hackers often use compromised accounts to spam malware or scam your contacts. Watch for messages you didn’t send, new contacts you didn’t add, or strange notifications.

Emails are read, but you didn’t open them

Hackers love going through your inbox for valuable information. If emails are marked as “read,” that might be a sign someone else is peeking in. Sure, a clever hacker might re-mark them as unread, but they’re not always that careful.

Deleted emails

If emails are vanishing from your inbox, it could be a hacker covering their tracks. They might delete account access notifications or incriminating messages sent on your behalf. Check your trash folder regularly for anything fishy.

New email filters

Hackers can also set up filters to auto-delete or forward certain emails without you noticing. Regularly check your email’s filter settings to ensure no one’s pulling a fast one on you. 

When in doubt, use professional hack checker tools

Tools like “Have I Been Pwned?” can confirm if your email address has ever appeared in a data breach. Created by Microsoft’s Troy Hunt, this free tool is simple to use.

Visit the site, enter your email, and click “pwned?” Within seconds, you’ll know if your credentials have been compromised. 

What to do if your email has been hacked

Realizing your email has been hacked can be stressful, but don’t worry, there are ways to remedy the situation. Follow these steps to take back control and secure your account.

1. Disconnect from the internet

Go offline to cut the hacker’s lifeline. Disconnecting prevents possible hacking malware on your device from sending more data to the attacker’s server.

2. Run a virus scan

Conduct a thorough malware scan on your computer. Hackers often use stolen credentials to infect multiple devices. If anything suspicious pops up, remove it immediately.

3. Change all passwords on a safe device

While the antivirus is scanning, take your phone and start changing all your passwords. Use strong, unique combinations with uppercase letters, numbers, and symbols. Update your security questions and answers, too. Store everything in a password manager like 1Password or a free app Passwords that’s built into all Apple devices.

4. Enable two-factor or multifactor authentication

While changing passwords, turn on 2FA or multi-factor authentication for all your accounts. It’s like adding an extra deadbolt to your digital door. Even if a hacker has your password, they won’t get in without the secondary verification.

How to prevent future hacks

If you’re worried your email might be hacked, or you’ve had this experience before, Moonlock came up with a few recommendations to keep your email safe.

Use anonymous email generators

Hackers don’t go from inbox to inbox trying to guess our passwords. Most often, they hack entire companies, apps, and projects that store client information, leaking all data on the dark web. Therefore, the less information we share online, the lower the chances that our personal information will get into the wrong hands.

Services like Apple’s Hide My Email or Firefox Relay help users reduce their digital footprint. They create disposable email addresses for signing up on websites or newsletters. Replies are forwarded to your real inbox without revealing your true email address.

Switch to privacy-focused email providers

Privacy-focused email is built on encryption and collecting only the minimum amount of user information. Your emails remain secure even if intercepted, and the email provider has little data to share in case of a breach.

Proton Mail is a leader in this area. Based in Switzerland, a country that treats privacy as a fundamental right, it ensures that your data stays protected. 

Try temporary email addresses

Temporary email works differently from email masking services like Firefox Relay and Hide My Email. They are web-based, so they are not tied to any specific operating system or browser. The separation effectively limits how much information the service can gather about you, adding an extra layer of privacy.

Another benefit is that replies usually don’t get forwarded to another email address. Instead, most temporary email services provide an inbox directly on their website where you can view and collect messages. This setup creates a solid barrier between your temporary email and your real identity.

Typically, you’ll enter a username, and a disposable inbox will appear for your use. Once you close the page, both the email address and its inbox are deleted, leaving no trace.

A quick online search will reveal plenty of temporary email providers, with popular options including Temp Mail, Email on Deck, and YOPmail. Keep in mind that these services often come and go, so it’s always worth checking for the latest options.

Start using a VPN

A VPN like ClearVPN masks your IP address and encrypts your online activity, shielding you from prying eyes. Always use it while connected to the internet.

Consider a privacy-focused browser

Consider browsers like Tor for an extra layer of privacy. Yes, it’s slower due to heavy encryption, but that’s the trade-off for staying hidden online.

Hacking is a growing issue, but it’s not unbeatable. Armed with the right knowledge and tools, you can protect your email accounts, avoid breaches, and ensure your digital life stays in your control.