How to tell if your email, computer, or Facebook has been hacked

It's actually quite difficult for the typical user to tell if their computer is being hacked. Email and Facebook are another story.

How do I tell if my email, my computer, or my Facebook has been hacked?

Well, it depends.

I’ll look at each of the ways below.

What about email?

Email hacks are one of the easiest to recognize. If you suddenly get multiple messages from your contacts – the people listed in your address book, not random people – saying that they received spam email from your address – not your name, your actual email address – then there’s a pretty good chance that your email account has been hacked.

Now why am I being so specific? For a long time, spammers have been using “From: spoofing.”  That’s when they send messages from one email address but make it look like it’s coming from another. Spam gets sent to random people and it looks as if it’s coming from you, but it’s actually coming from somewhere else.


From: spoofing doesn’t require that your account be hacked. But, if you’re getting a lot of reports and they’re from people that are actually listed in your address book, then that’s the clue that something’s up. That’s something you want to look into.

If this is something that’s happening to you right now, go take a look at my article, “Email hacked? The 7 things you need to do right away.” That actually runs down the list of steps you need to take once you are fairly certain that your email account has indeed been hacked. It’s not enough to just change your password; there are other things you need to do as well.

What about my computer?

This one is a little harder. When hackers are trying to attack a computer, they will go to great lengths to hide what they’re up to. That means that you can’t always easily determine when something is wrong. I do have an article, “How can I tell if my computer is being hacked?” which might give you a good start.

There are a couple of things that might give you an indication that something has happened.

  • An abnormal increase in internet or network activity. That often manifests as slow downloads or just slow internet access when you know that you’re not doing anything particularly big via your internet connection.

In this scenario, hackers might be accessing your machine remotely. The problem is that you have to watch and know what’s normal and what’s not. An increase in internet or network activity – which typically looks like nothing more than a slow internet connection – might also be related to other things, like your ISP, your internet connection, the site that you’re visiting, or the internet in general. That’s what makes it so difficult to determine if it’s a hacker at work or legitimate activity.

  • Unexpected disk activity. This is a similar scenario where a hacker is accessing files or programs on your computer. Again, you have to know what’s normal and what’s not. Even when you’re not using the computer, programs like the indexing service are running in the background and accessing the disk. Those are sometimes clues but they’re not very good ones.

The best thing that you can do to make sure that your computer isn’t getting hacked is to follow all of the guidelines that I have outlined in the article, “Internet Safety: The steps you need to take to keep your computer safe on the internet.” That’s the usual litany of things that you probably already know: get behind a firewall, use anti-malware software, watch the links that you click on, and more. Review that article to prevent this from ever happening in the first place. Like I said, if it does happen, it’s very difficult for the average computer user to tell.

What about Facebook?

Like email, a hack to your Facebook tends to be a little bit clearer. The first sign is that things appear on your Facebook wall that look like they were posted by you, but you know that you didn’t post them.

It’s important to note that often liking a page on Facebook or playing a Facebook game can legitimately cause them to post things on your wall. That’s legitimate and not a sign of a hack. The thing to look for here is if a post appears that could only have been posted by you and yet you know that you didn’t post it.

Once again, the same kinds of things that were discussed in the email hacking article apply to Facebook as well. You need to change your password and change your recovery settings as well.

The bottom line for both Facebook and email is simply to look for unusual activity that originates as if you had done it. It’s not always accurate, but it’s often the first clue that something might be up.


  1. Bill

    Regarding email hacking, Leo’s article describes the case of a person, say A, suffering an email hack (contacts/address book compromised), whereupon A’s address book contacts, say B, C and D, receive emails apparently from A, without A being aware of it (and without any sign in the “Sent” folder).

    Question: Is it possible that under the same circumstance (A’s email hacked), dodgy emails can appear to have been sent, not by A, but by one of those contacts, say B, and are received by A, C and D? So they all think the hack is of B’s email, whereas it is actually of A’s email ?

    Thanks for yr advice,

    • That can happen without a hack at all. Spammers have been spoofing the from address for years. I’m certain that the relationships that they uncover in people’s contacts list could be used as you describe by some of the more “advanced” spammers, but I would not take is as a sign that “A” has necessarily been hacked. Typically when contact lists are used the email appears to come from the contact list’s owner.

      This article is worth a read: Someone’s sending from my email address! How do I stop them?!

  2. I have a somewhat different problem. I sometimes get email from someone I know, but it is not from that person. For instance, John Doe has an address of “John Doe (john123 – at –”. That’s the real address. I might get one from “John Doe” with a subject of “Hey Joe”. When I inspect the email address it is different – “John Doe (flub1 – at –” or the newr It is always from a yahoo account.

    Most all are not in my email address book and I don’t keep any on line. In almost all cases they are people on my Facebook account.

    Just in case, I have changed all email and Facebook passwords and security questions and answers. I do this every couple of months. If I find I need to change one, I do them all.


    • This is actually very common from spoofing. In addition there was (or perhaps still is) a way that spammers could divine the relationships you might have on Facebook – i.e. who your friends are. They couldn’t get the email address, but they could get the names. So in order to trick people into opening their spams they created messages that look like they come from your friends – by name, but not by actual email address. There’s nothing that can be done about this at this point, and there’s nothing really that you need to do.

  3. mohdabraar

    i want to know that what had happen on my wall when it was hacked by my friend so i want some suggesion from u plz help me my fri had behaved very badly so i just want to check on my wall becz they had written lot of horrible to my family ,friends and also to my sister so plz help to check my wall

    • I’m afraid I have no idea what you are asking. If you just want to look at your hijacked wall, just have a friend who is still friends with the account help you to look at it. Other than that, start the process of regaining your account using your Facebook recovery information.

    • Connie Delaney

      I’m taking a wild guess here that you may be confused about the way posts happen in Facebook. It is easy to be confused because it really is confusing! When your friends make a post it often (not always) shows up on your wall. So they could very well be posting things about you without hacking your account at all. If the posts are actually comments to things you have posted on your timeline you can delete them. If they are on your wall you can only hide them. And you can also take steps to report bad behavior to Facebook. So, if you take Leo’s advice and make sure you have exclusive control of your account, then that is the next thing to look for.

  4. Judy

    Can a hacker run a google search on my computer (it looks like I searched on my computer, but I didn’t) and then click into websites from that search. In other words, if someone hacked into my computer, will it look like I looked at websites, when I did not?

    • Mark Jacobs

      Unfortunately, it’s possible. If a hacker or malware gets into your computer, there’s almost nothing they can’t do.

        • Nope. Reformatting a computer doesn’t affect whether or how an online account like Facebook is or has been hacked. Reformatting a computer simply removes malware (and everything else) from your PC. You still then need to take all the appropriate steps to keep your computer and online accounts secure.

  5. Annette

    On frequent occasions I have to re-log into my email or facebook accounts when I know that I hadn’t logged out of them. Sometimes things that I’ve already read in email appear as unread. The last time that I logged into facebook, I received a notification of a post that I had made the day before (to myself). I am connected to a shared router. Are these “glitches” indications that my computer accounts are being monitored?


    Is Ubuntu or any other Linux based distro safe or hackproof ? I heard its difficult to penetrate a Linux system

    • Mark Jacobs

      Linux is generally much safer than Windows or even MacOS, mostly by virtue of it not being as great a target as the OSs with the greater market share. However, no OS is hackproof. As they say, the only sure way to avoid viruses is to leave your computer turned off. I even got infected before I started using the Internet.

  7. Brandy

    If someone Hacks into my ROUTER, will THEIR activity show on MY personal computer & phones?? — We Have activity as far as Websites visited But swear Router must of been hacked. Is that possible for activity to be on comp & phone if they wasn’t actually used?

  8. Allie

    Every time I open my email account I start reading or writing an email after about 30 seconds it flashes blank and then brings me back to the home email screen. Does this mean someone has hacked and reading my emails?

  9. hari krishna

    My facebook account has been hacked and the recovery email id has been changed. What should i do now. Please help me out. I tried everything bt of no use.

  10. Judith

    I go on a forum and I am being accused of sending messages to various members and the messages show my account name but I have done this and have reported several times I have changed my name and password!!

  11. marquita cravens

    I have been receiving intermittent (several times a day) noises that sound like two blips. It doesn’t make any difference what sites I’m on or going to. It’s been going on for about the last three months. My computer is running fine but this noise is the most annoying mystery to me. Could it be some kind of spy program?

    • Mark Jacobs

      I get blips fairly regularly. In my case it’s interference from other electronic devices. For example, one case this happens is when my mobile phone is about to ring. Other times, it just appears to be random, but I’m sure it’s some other electronic device somewhere causing this. I just got on while I was typing this :)

  12. Mohamed

    I was talking to someone I don’t know on Facebook . He was able to get all my details such as : my work email, my ID , birthplace, ..etc . and he said he knows some people working in a minister of interior who deliver him my details. The question is how did they get all my details ?

    • Connie Delaney

      Some of the things you mention are very easy to find. On Facebook you have your workplace listed, and all I would have to do is Google your work to find that number. So this scammer is just using easy to find things to try to get you to worry and fall for his scam.

  13. Eboni

    I was reading this article and had to comment. My husband has been having an issue with his facebook. He is really not that computer saavy as I am but his facebook keeps getting hacked. He is out of the country right now and we use facebook as the main form of communication. Someone keeps getting into his facebook account and deleting me from his friends list and blocking me. I have had to create several accounts just to get a hold of him. He says he doesn’t know how this is happening . He created another account yesterday and everything was fine until today when the same issue popped up. Someone logged onto his account, saw the message that I sent him and then blocked me . How can this possibly happen?

    • retiredhacker

      well the chances are that he has a malware that is key logging him so for pc try malwarebytes and avast and for cellular devices a virus/malware flash would be recommended. you can google how to and where to get these …good luck with the problem

    • It’s almost impossible to say. Since he’s travelling using open hotspots improperly come to mind, as do keyloggers and/or malware on his computer.

  14. retiredhacker

    well once a hacker has your actual pc they can do anything include keylogging which happened to me recently but i used avast antivirus and malwarebytes and they got him very quickly due to the fact that i run quick scans before using my pc daily and once a week run full scans…note that these are the free version that i use and they work even better when purchased…

  15. Anne

    Hi, My email accounts connected to Facebook disappear! Totally. Deleted! This has happened to my last two Facebook accounts. I don’t use my real birthday nor my real phone number. Is this the cause? I’ve actually decided not to use Facebook again.

  16. Anetta

    Hi. We have a confirmation that our email has been hacked. The info in those emails was shared through another person’s email account. Is there a way we can show that we were hacked and who actually did the hacking? This relates to a big lawsuit, and the opposing side is using hacking tactics to obtain intel.
    Many thanks.

  17. stephy

    Is my facebook being hacked? I usually have 99+ unread messages and on (other )messages I had 79 .I logged in yesterday and all my unread fb messages were all opened ,I only had 36 unread and they opened all my(other messages ) so I immediately changed my password . And marked all unread but after I changed my password it marked” read” 3 specific messages and I would remark them “unread”and they would go back and mark them “read” but nothing else was different in my fb just that they had opened all the mesaages and kept doing so even when I changed my password.I dont know if this is a hacker or it has something to do with my laptop

  18. ojubanire lanre

    My facebook account has been compromised. My alternate email,but still retains my username,Hacker has been using facebook profile to scam others.Pls help. I need a facebook contact i can send email for them to have this account at least suspended for now,

  19. Beverly Bungenstock

    I believe that someone is reading my e-mail messages from their computer… Is this possible & how would I know if they are ? Is this against the law for them to do so ?…Thank you in advance for your reply…

  20. Deon Fialkov

    Well it’s definitely well-documented… thank you !

    I think that you should consider making your own youtube channel as you seem to be quite the tutor in your posting.

    (No sarcasm intended – only compliment)

  21. Ashley

    Hi Leo, I hope you can help me. I saw a nude email that was sent from my husbands email to one of his contacts through MSN. He swore up and down he didn’t send it. He claims his email for MSN was hacked. Is that possible for a nude picture to be sent of his body isf his computer/iPhone/email was hacked.

    Also I emailed the lady who he sent the picture to a week ago. I started getting phone calls yesterday telling me that he was in Kansa with another woman. Today I received an email with a plane ticket confirmation that was purchased by the woman he sent a picture to, to go to Kansas at the same time he was there for work. I emailed her back. She told me she did not see him in Kansas nor did she receive a picture of his penis. she said her email was hacked and the ticket was fake. Is this possible? It all came from her email.

  22. Urmila Aigner

    My email was hacked on Sept. 12, 2014. The hacking involved changing my user name to a derogatory name. I only know of two individuals who would do this, but of course can’t prove it. Now, I find out that my Facebook password was changed two days later on Sept 14, but not by me. Is there a way to find out what the password was changed to? I would like to know if the same derogatory name was used there as well, which will connect the two incidents, although it’s circumstantial. We have not had our personal information stolen, as there’s been no evidence of identity theft. We do have securities set on our machine as well, but this is a unique situation, as it seems the goal of this hacking is to harass. Any help in figuring out if I can track the hacking to a specific IP address?

    • There is no way to find out what an account’s password *is*, you can only reset it to regain control. An IP address won’t help you – I have several articles on that. The only way is to get the authorities involved, if you can.

  23. Djroma

    facebook did not help their coustomer like me becouse my facebook account hacked and created fake one so how i get my passward know to log my account ooooowchhhhhh

  24. Stephen

    I suddenly saw a popup message saying that a new device had connected to my computer. It didnt give me the option to accept or not. Since then I have had buzzing noise going on and off on the pc and when I was on MS Word typing a resume at one point all my resume started to delete (had to switch pc off to avoid losing it all). Its been making strange sounds since and ocassionally the curser is changing shape etc. Has someone hacked into my computer. I have McAfee Anti-Virus Plus. Starting to think it is a useless thing to have?

  25. Intriqued!!

    I don’t know how this could have happened and hope that maybe you culd shed some light on it. Two individual accounts – my husbands email address and my facebook account both hacked into simultaneously. There is no link whatsoever between the two accounts. His email was hacked into and his contact list exported then deleted off his account. I received an email (my own address) supposedly from him staying he was stranded abroad with no cash. The ‘reply to’ wa directed to a similarly named account on
    At the same time, my FB was hacked into – the contact email address changed to the very same email address composed by the hacker as a return address for my husbands email!!
    Do you have any ideas as to how a link could be made between the two accounts please? My facebook passord is unknown to my husband so it is not likely to be inside one of his emails either sent or received. There is no link to my husbands email address on my facebook either online or by PM’s. Any ideas would be gratefully received.

  26. Deborah Dodson

    Is is possible that my Facebook,telephone number,and email address are all transferred to another android phone by a hacker..My last location session on android Facebook was located in Kingsworth Texas yesterday..This morning my location session was in Gladesworth Texas..I’ve never been to Texas..Now I can’t access my account at all even though I changed my password yesterday..Any suggestions?

    • Connie

      It’s possible that a hacker has gained access to your account and is traveling around and using it. It would have nothing to do with an Android phone. A hacker could access the account from any smartphone, tablet or computer. It’s also possible that you are making a mistake with your password after changing it yesterday, and that’s why you can’t get in. Your ISP is the entity that would show as the location for your last session – that could be miles away from you. For instance, I live in Idaho and my location often shows as Kalispell Montana which is where my ISP’s servers are located.

      So the first thing you should do is simply try to recover your password. Here’s a good article on that:

  27. Puzzled

    Leo’s comment on September 19 from last year begins: “There is no way to find out what an account’s password *is*, you can only reset it to regain control.”

    If this is true, can you explain what might have happened in my case? A few days ago, I discovered a pending friend request that I never sent on Facebook to a profile that was clearly fake (I reported it to Facebook and it was gone the next day). I also immediately changed my password, but after researching the difficulty of hacking Facebook, I decided that I needed to reset it again to ensure that my new password was nearly impossible to break using a laptop and standard hacking techniques. I assumed that my account was hacked, but I always had control over the password. (I didn’t think to check to see what devices were logged into the account, which might not have shown a hacker anyway, if he wasn’t currently logged in). I have no idea how long this pending request was on my account, but the profile seemed to have been created in January, so it could have been nearly three months. Yet if I was hacked, the friend request was the only change on my account, a change that I might never have noticed since I rarely send out friend requests and have not once in 8 years checked to see what requests I still have pending.

    As someone being cyberstalked, I can imagine that my stalker was either using access to my Facebook account for information and left the profile as a nasty Easter egg for me to discover so that I’d know he’d been watching me or he left it as a backwards friend request (he seems delusional and thinks that we’re having an affair that needs to be kept secret from my husband). Yes, I’ve reported this to the police, but I’m still anxious to know how it was done. I suppose he could have guessed my old password, which wasn’t nearly as strong as I’d imagined. He might also have used cookies at an open hot spot, but I can’t recall the last time I brought my laptop any place with open wifi where he could have predicted I’d be.

  28. James Molok

    Dear Sir.

    My laptop was stolen a few weeks ago and I had not logged out my mail – it is possible to know if the mail is still active on the laptop?


    • Mark Jacobs

      The first thing you should do when your computer is stolen is to change the password and recovery information on your email account(s), and as a precaution on all accounts that have a login (Amazon, EBay, PayPal, Facebook, Twitter and especially Banks and other financial institutions). You can get an idea if you see emails which are marked as read, but whoever is logged into that account can mark them unread, so there’s no way to be absolutely sure if that person is reading your mails.

  29. lisa

    I went into my computer today to log into facebook, when I got to the facebook page it had already had someones email and password typed in as if they were the last ones who signed in on my computer. I clicked log in just to see and its of a woman who I have never met, seen or even heard of. The only ones who have ever used my computer has been my husband and I. I have a password on this computer, so my question is how is this possible? What could be going on?

    • Mark Jacobs

      That’s really strange. Normally, the only way that can happen is for someone to physically or remotely access your computer and log on. This shouldn’t be possible to do through Facebook according to the symptoms you describe. In other words, this doesn’t look like a Facebook hack as it was her Facebook account open on your browser, but it appears to be a computer hack.

  30. Ashley

    I usually leave my PC on and remain signed in to Facebook and my yahoo email. The other day I was accidentally logged out of FB but because I hadn’t had to log in for a few weeks I forgot my password and had to create new one. If this happens in future, is there any way to “find” my password on the PC itself? (whether after I’ve logged out or if I’m in the account?)

  31. Jaden

    My girlfriend is receiving messages on facebook from an unknown user, who seems to block her after sending them. The odd part about this, is that these messages she is receiving are containing information that she has only talked to me about over call, text or with her friends over Facebook. Is there a way to tell if someone has hacked into one of our messengers? or to obtain ISP information from the blocked user, and find out where these messages are coming from?

    • Connie

      The thing to do is to go through all your accounts and change your password and security information. If you have a suspicion that you have been hacked it’s the quickest and safest thing to do .

Leave a reply:

Before commenting please:

  • Read the article. Seriously. You'd be shocked at how many people make comments that prove they didn't.
  • Comment only on the article. If you have a new, unrelated question start with the search box at the top of the page.
  • Don't post personal information. Email addresses, phone numbers and such will be removed.

VERY IMPORTANT: because of a rise in comment spam that's making it through our filters any comments that do not add to the discussion - typically off topic or content-free comments - run a very high risk of being flagged as spam and removed.

If you have a new question unrelated to the article above, ask it on the Ask Leo! ask-a-question page.

Your email address will not be published. Required fields are marked *