DarkScout
Menu
Login
Request a Demo
Login
Request a Demo

How to Check If Your Email Was Hacked (Step-by-Step Guide)

nikhil
10 min read 16 Feb 26
Share :
How to Check If Your Email Was Hacked (Step-by-Step Guide)

Let’s be honest, the moment you suspect your email has been hacked, your stomach drops. Because your inbox isn’t just emails. It’s your bank notifications, your work conversations, your password resets, your entire digital identity sitting in one place. If someone else has access to it, they essentially have a skeleton key to everything else you own online.

The frustrating part is that most people find out way too late. By the time something feels obviously wrong, the hacker has already been in your account for weeks, quietly reading, forwarding, and resetting passwords on your other accounts one by one.

So let’s change that. Here’s exactly how to check if your email was hacked, step by step, starting right now, no technical knowledge required.

How to check if your email was hacked

Step 1 — Look for the Warning Signs

You don’t need any special tools to start. The signs your email was hacked are often hiding in plain sight inside your own inbox, you just need to know where to look.

Open your account and work through this checklist:

  • Check your sent folder. This is the one most people never think to look at. Scroll through it, do you see any emails going to people you don’t know, or messages to your own contacts that you never wrote? That’s someone else using your account.
  • Look for password reset emails you never requested. Getting reset links for your bank, Amazon, Netflix, or LinkedIn that you didn’t ask for isn’t a coincidence. A hacker has your inbox open and is actively working through your connected accounts.
  • Search for missing emails. Hackers delete security alert emails so you never see them. If your inbox feels emptier than it should or emails you remember receiving have disappeared, that deletion was deliberate.
  • Check your spam folder for security alerts. Gmail, Outlook, and Yahoo all send notifications when your account is accessed from a new device or unusual location. These sometimes get filtered into spam. Go check right now; there may be an alert sitting there you never saw.

Step 2 — Check Your Login Activity

Most people don’t realize their email provider keeps a detailed log of every device, location, and IP address that has ever accessed their account. This is one of the most reliable ways to check if your email was hacked, especially when your inbox looks completely normal.

Here’s where to find it:

  • Gmail: Scroll to the very bottom of your inbox and click “Details” next to “Last account activity.”
  • Outlook: Go to account.microsoft.com → Security → Sign-in activity.
  • Yahoo: Account Security Settings → Recent activity.
  • iCloud: appleid.apple.com → scroll down to see all devices currently signed in.
  • What you’re looking for is anything that doesn’t belong, a city you’ve never been to, a country you’ve never visited, a device you don’t own, or a login at 3 am when you were definitely asleep. Even a single unrecognized entry is enough to treat your account as compromised and act immediately.

Step 3 — Audit Your Account Settings

This is the step most people completely skip, and it’s exactly what hackers count on. When someone gets into your email, one of their very first moves is to quietly change your settings so they keep access even after you’ve changed your password.

Check all of these right now:

  • Email forwarding rules. Look for any email addresses your inbox is forwarding to that you don’t recognize. This is the most dangerous hidden change. A hacker can set up a rule that silently sends every email you receive straight to their own inbox, and it keeps working even after a full password reset.
  • Filters and rules. Look for any filters automatically deleting, hiding, or archiving emails — particularly security alerts and breach notifications. This is how hackers stay invisible.
  • Recovery email and phone number. Make sure these are still yours. If a hacker swaps these out, they can lock you out of your own account permanently whenever they choose.
  • Connected third-party apps. Go through every app that has permission to access your email and revoke anything you don’t recognize or haven’t used recently.

Step 4 — Scan Your Email Against Breach Databases

Even if your inbox looks completely normal, your email address may be circulating on the dark web right now without any visible symptoms.

Data breaches happen constantly. When a website you use gets attacked, your email and often your password get dumped into a breach database, sold on darknet marketplaces, and used by hackers to break into accounts. The breach may have happened months ago on a site you barely remember signing up for.

The only way to know for certain is to use a dedicated email hacked checker.

Use DarkScout’s free email breach checker →

DarkScout scans your email against 17+ billion compromised accounts across 936+ breached websites, instantly, no signup required. If your email appears in a breach, you’ll see exactly which breach it came from, what data was exposed, and what to do next. It takes 10 seconds and gives you a definitive answer on how to check your email for data breach exposure.

Step 5 — What to Do If Your Email Was Hacked

If anything in the steps above confirmed your email has been compromised, this is where you stop reading and start acting. Speed matters here, every minute counts.

Work through these in order:

  • Change your password right now. Don’t put this off until later. Use a strong, unique password of at least 15 characters, a mix of uppercase, lowercase, numbers, and symbols. And don’t reuse anything you’ve used before on any other account.
  • Enable two-factor authentication. This is the single most effective thing you can do to stop it from happening again. Use an authenticator app like Google Authenticator or Authy rather than SMS; text codes can be intercepted, authenticator app codes can’t.
  • Clean up your account settings. Go back through Step 3 and remove anything suspicious, forwarding rules, unknown filters, and unrecognized connected apps. Verify your recovery email and phone number are still yours. Don’t skip this step even if you’ve already changed your password.
  • Change passwords on every linked account. Start with banking and financial accounts, then social media, then everything else. Any account that uses your email as a recovery address has been at risk. Treat all of them as potentially compromised until proven otherwise.
  • Warn your contacts. If phishing or spam emails were sent from your account, your contacts need to know. Send a quick message letting them know not to click any links they received from you recently; one of those links could compromise their accounts too.

Set up ongoing dark web monitoring. A one-time check only tells you about past breaches. DarkScout’s monitoring service watches the dark web 24/7 and alerts you the moment your email or credentials appear in a new breach, before hackers can act on it.

Email leaks

How to Prevent Your Email From Being Hacked Again

Getting hacked once is bad enough. Getting hacked twice because you didn’t change anything is worse. Once you’ve secured your account, these steps will make sure it doesn’t happen again.

Use a unique password for every account. The number one reason email accounts get compromised is password reuse. When one site gets breached, hackers take that password and test it everywhere else. A password manager like Bitwarden or 1Password makes it easy to use a different strong password for every account without having to remember them all.

Enable two-factor authentication. Even if a hacker gets your password, two-factor authentication (2FA) stops them from getting in without also having access to your phone or authenticator app. Use an authenticator app like Google Authenticator or Authy rather than SMS; SIM swapping attacks can intercept text message codes.

Never click links in unsolicited emails. Phishing is the most common way email accounts get hacked. If an email asks you to verify your account, reset your password, or click a link urgently, go directly to the website by typing the URL yourself instead of clicking. No legitimate service will punish you for that.

Be careful with public Wi-Fi. Logging into your email on an unsecured public network exposes your credentials to anyone monitoring that network. Use a VPN if you need to access your email in public places like cafes, airports, or hotels.

Review connected apps regularly. Every third-party app you grant email access to is a potential security risk. Go through your connected apps every few months and revoke access to anything you no longer actively use.

The Bottom Line

Knowing how to check if your email was hacked isn’t just a technical skill; it’s an essential habit in 2026. The earlier you catch a compromise, the less damage it can do.

Start with the steps above. And if you want a definitive answer right now, run a free scan in 10 seconds.

Check if your email was hacked — free, instant, no signup →

Blogs

Related Articles

Is Your Email Safe
Cybersecurity 19 Feb 26
Is Your Email Safe? 5 Ways to Find Out Right Now
Discord Data Breach
Cybersecurity 07 Jan 26
Discord Data Breach Explained: What Every User Must Know
Network Security Key
Network 02 Feb 26
What Is a Network Security Key? A Simple Guide for Everyone

See why DarkScout is the Leader in Darknet Data

DarkScout is the leading provider of darknet data. With advanced monitoring and analysis tools, DarkScout helps businesses and security teams stay ahead of cybercriminals, providing real-time intelligence to prevent data breaches and attacks.

Sign up - it’s free!

Get a Demo

Scroll to Top