TL;DR: You don’t.
When accounts are hacked, folks really want to be able to figure out who did this to them. How did it happen? What computer were they on? Who are they?
The short answer is, you’re extremely unlikely to figure out who hacked your email account. Here’s what to do instead.
Who hacked my email?
You probably can’t find out who hacked your email, and chasing it will only frustrate you. Make sure you were actually hacked and not just “From:” spoofed. Then secure your account and learn from what happened. Let it go, and move on.
Were you really hacked?
A hack means that someone was able to sign in to your email account and send messages using that account. They typically change your password and recovery information to lock you out of the account. Often, being locked out is the first sign that your account has been compromised.
However, none of that is required to send email that looks like it came from you.
What’s called “From spoofing” allows hackers to make email look like it comes from any email address they want. No actual account access is required.
If you’re still able to sign in to your account, you may not have been hacked. Check the Sent folder (and perhaps the Trash folder). If you only find messages that you actually sent, chances are your account hasn’t been compromised at all.
Help keep it going by becoming a Patron.
The other extreme: you can’t sign in
The most common sign of an account hack is that you can’t sign in to your account. If efforts to recover the account fail, you could lose the account forever.
Even if you could identify the culprit, it probably wouldn’t help you get your account back. It might feel like it should, but the reality is that the amount of effort and cooperation from so many organizations — law enforcement (foreign and domestic) as well as the service itself — is not likely to happen, and certainly not in a useful timeframe.
Recover your account, if you can, but don’t count on finding the hacker as a way to help.
Law enforcement might help… or not
If laws have been broken — if you can involve local law enforcement and they have the time and expertise to help — they may have the ability to get more information.
Sometimes, they can even track down an individual.
Several factors make this an extremely rare result.
- Law enforcement doesn’t have time. They must prioritize other, more serious issues needing their attention.
- Law enforcement doesn’t have the expertise. While it is getting better, most law enforcement agencies don’t have the technical know-how required in these situations.
- Law enforcement may not have jurisdiction. Hackers are often in other countries, where your law enforcement agencies can’t help.
Even though this is a personal violation that’s incredibly important to you, it’s just not a priority for most law enforcement agencies to help people with hacked accounts.
Related
My Email Is Hacked, How Do I Fix It?
If your email is hacked, there are several steps you need to take to get it back and prevent it from being hacked again.#5415
You’re on your own
If you’re not able to get outside help tracking down the culprit, my advice is that you don’t bother trying. It’ll be a frustrating experience, and as you can gather, the chances of finding anything are slim to none.
What you can do is focus instead on recovery and prevention.
Begin by reading “Email Hacked? 7 Things You Need to Do Now” to make sure you’ve completely recovered your account. Changing your password is not enough, and often leaves your account in a state that allows the hacker to quickly take it over again. There are several steps you need to take.
Learn from the experience. As best you can, figure out how the hacker got your account in the first place, and take steps to make sure it doesn’t happen again. For starters, follow the steps outlined in Internet Safety: 7 Steps to Keeping Your Computer Safe on the Internet.
Finally, after you’ve secured your account (or started fresh if you’re unable to get it back) and plugged any security leaks, get on with your life.
Do this
My advice? Let it go. Learn from the experience and do what you can to improve your security so it doesn’t happen again, but as for finding out who hacked you? Let it go.
There’s almost nothing you or I as individuals can do to get the information I know you really want.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
someone deleted my personal email and i need to find the ip address because they used it blackmail me through my medical records
An IP address won’t help you: How To Trace an IP Address: Myth Versus Reality
My Gmail account was hacked. The hacker used it to login to my bank app using it to scam people all around…. Pls how can I get back my email address although, the person kicked out my recovery email and use his/hers…
Sorry for the canned response, but this is all we have regarding account recovery.
We cannot recover hacked accounts, or lost, or forgotten passwords. Please see this article for more information on your options:
Please review the account recovery options as outlined in this article:
https://askleo.com/access-gmail-without-phone-verification/
If Google’s recovery process doesn’t work for you — maybe you don’t have the recovery email or phone — MAKE SURE to follow Google’s instructions CAREFULLY and COMPLETELY.
If the recovery process can’t be made to work, I know of no way to recover the account. If that’s your situation I’m very sorry.
If you DO recover your account you’ll want to check the steps in this article to prevent losing it again:
https://askleo.com/google-account-hacked/
” They typically change your password and recovery information to lock you out of the account. Often, being locked out is the first sign that your account has been compromised.”
That’s true of most email hacks, but in some cases, a hacker might not change the password or the recovery address or phone numbers. If you suspect you are hacked, change your password and delete any recovery information the hacker may have added.
Hi Leo,
I have a problem related to this issue.
My email and phone number were both hacked and they used them to open various credit accounts in my name and use these to purchase stuff from internet.
This was a rough learning experience as you indicate in your video and it took a long time to get my life back in order.
As I used these accounts for all my online business it took many long phone calls (once I actually got through to a real person) to everything back up and running again. The mistake that I made was that I did not use 2FA or have secondary accounts noted with any one so that I could get back into those accounts.
I do have one problem which I have not been able to resolve.
The email account was a Microsoft account which, of course, I used to sign into my computer. I no longer have access to that account they locked it down – but did not close it!
It is still there when I log into my computer and it continually encourages me to log back into my Microsoft accounts.
I have also recently decided to purchase a new Microsoft account as I swore off ever having anything to do with them ever again. The new account will not down load properly and I am only getting partial use from it.
Any help you can offer will be greatly appreciated.
Love your YT content by the way very useful to someone like me who only half understands this stuff.
Many Thanx
Andy
I don’t know what it means do “download” a new Microsoft account. For that matter I also don’t know what it means to purchase one … they’re free.
Maybe submit your question at https://askleo.com/ask and we can collect some more information about the situation.
Re From spoofing:
Oooh, you hit a hotbutton of mine.
Folks, when you send email to multiple recipients, PLEASE don’t put all of their email addresses on the To: or CC: lines.
When you do that, you’re handing the whole list of email addresses to any miscreant who’s managed to install malware on ANY of the computers/devices they use to read email. You’ve opened all your friends to email phishing attacks. Nice of you.
Instead, put your own email address on the To: line and put all the other addresses on the BCC: line. You may have to burrow around in your email program’s settings to get it to appear, but it’s almost certainly there.
When you send the email that way, the recipients see only an email from you to them, no other addresses. Everyone’s safe.
If you really need to have a multi-party discussion, a discussion list might be a better solution. They’re made for that. Google Groups is free, easy to set up and easy to use. All you need is a Google account.
Absolutely. BCC Reduces Spam
But sending to a large number of BCCed recipients can label you as a spammer.
How Do I Send an Email to Many People?
It should be illegal to sell phones that can’t track your hacker when businesses do it all the times me. And there is no reason to have such an expensive phone and then get asked for more.