A compromised email account may lead to it being used to send fraudulent emails. If your email account is compromised your contact list could be exploited, and fake accounts could be created to impersonate you.
What to do if your email account is compromised
If you use the same password as the compromised email account on other accounts or services, it is important that you change these as soon as possible.
There might still be a chance to recover and regain access to your compromised account if you had a recovery email address or phone number set up previously. However, these details may have been changed during the compromise. Read our guidance on recovering a hacked account to regain access to the account.
If you're unable to regain control of the account, contact the service provider (E.g. Microsoft, Google etc) to request a complete shutdown. Steps to take if your account has been hacked;
- Inform any relevant individuals about the compromised account and any fake accounts.
- Use a trusted method to reach out, such as email from a verified account, phone call, or text message.
- Advise them not to respond or interact with these fake accounts, and if unsure, to contact you through other means.
- Instruct them to mark any emails from fake accounts as spam or junk before deleting them. If you can't regain control of your legitimate account, advise them to do the same with any emails they receive from it.
If you can't recover access and have used the compromised email for subscriptions, update the email address or cancel the subscriptions.
When hackers receive no response or benefit from compromised/fake accounts, they usually stop using them over time.