Main content
Hacked Email Advice
On the programme on 6 June 2024, we included advice on what to do if you’re email account gets hacked, like Julia’s did earlier in the year.
Tech expert David McClelland, who was one of the recipients of a fake message from Julia, says:
- A hacker may have gained access to your email username and password via a data breach, or a phishing link (where you unknowingly provide your details to a scammer).
- To check whether your data has been involved in a data breach, you can use an online service such as or a credit reference agency like , which offers a free ‘dark web’ search, allowing you to see whether your details are being bought and sold online.
- To protect yourself, change your password, and don’t use the same password across multiple websites – because if a less secure site gets hacked, your email address could be vulnerable.
- Use two-factor authentication – many email providers offer the ability for you to enable a notification to your mobile phone, prompting you to enter a short code. This means your email can only be accessed by someone with physical access to your mobile phone and provides a significant extra level of protection.
- ‘Disable all sessions’ – this process of signing out of your email account on all devices means anyone with unauthorised access will be kicked out. If you’ve changed your password and enabled two-factor authentication as recommended, they won’t be able to get back in. Depending on your email provider the process varies – use the email provider’s ‘help’ function or FAQs page, or try using a search engine for a guide on how to do this.
- Avoid allowing third parties like other websites and social media platforms to have access to your account – this sometimes happens when you use, for example, an existing social media account’s details to log into a new service or app.