It can be surprisingly hard to tell if an email account has been hacked, especially when the hackers are covering their tracks. I'll show you a few possible signs.
Knowing that your email has been hacked can be very difficult to detect, particularly if you are not moderately tech savvy.
Hackers often go through extra steps to leave as few traces as possible. Sometimes, they may leave some, but it’s not that common. In fact, it’s very difficult, sometimes almost impossible to tell.
Let’s look at a couple of things that could help.
Signs of a hacked account
The most common scenario for an email account being hacked is that the hackers actually change the password and you can’t login. Clearly, that’s not the scenario that you’re seeing here. When people can’t login to their email account, they know something is wrong.
When hackers don’t, change your password they do so so you won’t notice that anything’s wrong. They can continue to send email as you and you have no idea that anything is wrong.
One way to determine if this is the case is to look at your sent mail folder and see if there are messages there that you know you didn’t send. If you find some – particularly message that look like spam1 – then you know a spammer probably has access to your account.
The problem is that hackers will often take the extra step of going into the sent mail folder and remove what they sent from there so that they leave no trace.
Check your logins
Most email services have a tool that shows you the last time (or several times) that you accessed this account and the IP address from where you did so. Many hackers are overseas, so if you look at that information, you can sometimes tell if your account was hacked because there’s a login from another country.
Now I do have to warn you that sometimes legitimate access may still look kind of suspicious within your own country. In the United States, it’s not uncommon for my email account to be logged into from my location, another location elsewhere in the country, a third location elsewhere in the country depending on what I’m doing. That’s because I’m often using a different ISP at different times. Different ISPs will look like different IP addresses and they may report different locations. Unfortunately location reporting for IP addresses is notoriously inaccurate.
But if you see accesses from countries overseas, its best to assume your account has been hacked.
Gmail is the only email service that I know of that actually has this level of detailed information. You might check with your own providers to see if they have something similar.
What to do when you know
Unfortunately, the most common way that people find out that their email account has been hacked is the result of exactly what you are doing. Somebody who is receiving email from the hacked account tells them, “Hey, your account is sending out spam; you’ve probably been hacked.”
That’s about as good as it gets.
When this is the case, change your password. Do all of the other things that you need to do to secure your account.