
First, let’s acknowledge how awful it feels. You have our sympathy! Believe us, we know what it is like and we’ve heard from many of our members who have experienced it.

1. Send an email to everyone in your address book telling them that your account was hacked and warning them about any “odd” emails they may have received from you. Choose a subject line that will get their attention but clearly identifies you as the sender, e.g. “John’s email was hacked. Beware of strange emails from me.”

2. We recommend running a good antispyware program on your computer to make sure nothing is hiding on it.  If you have a PC you can download and use Malwarebytes at malwarebytes.org.  If it is a Mac, Sophos.com is offering their antispyware program for free at the moment.  [Additional choices appear below.]  The reason for this is that you want to be certain the hacker didn’t capture your password because of spyware installed on your computer.  Most likely the hacker used a “password cracker” to break into your account or tricked you somewhere into revealing your login credentials. (It may also be possible that a hacker is spoofing your email address but you cannot know for certain that this is the case. Better to be safe than sorry.)

3. Once you are certain your computer is free of any spyware, change the password to your email account. To be secure, it should be at least 10 characters long and consist of letters, numbers and non-letter, non-number symbols (such as = @ ! $). Do not include any personal information such as names or birthdays in your password. Visit our article on how to make strong passwords; we’ve also posted some tips below.

4. Finally, log into your email account and look at ALL the settings & preferences, especially ‘forwarding’ to make sure the scammer did not automate anything in your account. Also look to see if he set up any secondary email addresses through your account.

5. If you used the same password on any other accounts as on your hacked email account, you will want to change those passwords immediately. However, don’t use the same new password you just used on your email account. Make variations of it. You might add a 3-number sequence or set of letters, etc.

PASSWORD TIPS:

a) Passwords should contain:
Random use of letters, numbers
Non-letter, non-number characters such as = or ! or $ or )
Mix of UPPER and lower case
At least 10 characters long!

b) To create passwords you can actually remember:
Change simple phrases: “Make it better” becomes “mak1TB3tr!=”
Create an acronym using song lyrics and add to it: “When I get older, losing my hair” becomes “w1GO1mh=1967” (Song released in 1967)
Make up a word and modify it: “flomacious” becomes “f10MAc10U$”
[Use a fake word generator to help you: Wordoid or WordGenerator.]
Don’t use real words in your passwords because a simple dictionary attack may be able to crack them.
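
The rules in tips (a) and (b), written as a small checker (an added example, not part of the original article). The function name, the substitution table and the word list are assumptions made up for illustration; the check also applies the "don't use real words" tip to passwords whose letters were swapped for look-alike digits and symbols.

```python
import re

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "sunshine", "better"}

# Look-alike substitutions that dictionary attacks routinely undo (assumed table).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def check_password(password, personal_info=(), words=SAMPLE_WORDS):
    """Return a list of problems; an empty list means the tips are satisfied."""
    problems = []
    if len(password) < 10:
        problems.append("shorter than 10 characters")
    if not re.search(r"[a-z]", password) or not re.search(r"[A-Z]", password):
        problems.append("needs both UPPER and lower case letters")
    if not re.search(r"[0-9]", password):
        problems.append("needs a number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("needs a non-letter, non-number symbol")

    lowered = password.lower()
    # Reverse the substitutions, then keep only letters, so "P@ssw0rd"
    # is compared against the word list as "password".
    letters_only = re.sub(r"[^a-z]", "", lowered.translate(LEET))
    for word in sorted(words):
        if len(word) >= 4 and (word in lowered or word in letters_only):
            problems.append(f"contains dictionary word '{word}'")

    # Names, birthdays and similar details supplied by the caller.
    compact = re.sub(r"[^a-z0-9]", "", lowered)
    for item in personal_info:
        token = re.sub(r"[^a-z0-9]", "", item.lower())
        if len(token) >= 3 and token in compact:
            problems.append(f"contains personal information '{item}'")
    return problems


if __name__ == "__main__":
    for candidate in ("f10MAc10U$", "P@ssw0rd1!", "abc"):
        print(candidate, "->", check_password(candidate) or "ok")
```
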

c) For different accounts, add a letter or 2 that relates to your account.
“bk” for bank, “MU” for mutual fund, “fb” for Facebook, etc. Use a “+” or “=” symbol to connect them. Or put your base-password in parentheses, for example:


Note: We offer these links as a courtesy to our readers “as is” and have not tested any of the software described on these sites. We cannot comment on their efficacy.


1. https://www.techradar.com/news/best-free-anti-malware-software
2. https://www.pcmag.com/roundup/354515/the-best-spyware-protection-security-software
3. Sophos for Mac Computers (The only Mac AV software for free)
4. Malwarebytes Antispyware Software
5. https://www.tomsguide.com/us/best-antivirus,review-2588-5.html

[Thanks to FreeDigitalPhotos.net for the graphics on this page!]