Your email was hacked
Your email is the key to your other accounts, so a hacked inbox is urgent. Reset the password from a secure device, kick out other sessions, turn on app-based two-step verification, and check for hidden forwarding rules. Then secure the accounts that use that email to reset passwords.
Quick answer
- Reset the password and sign out other devices.
- Enable two-step verification with an authenticator app.
- Scan for suspicious forwarding/auto-reply rules.
Do this now
- Reset your email password from a secure device.
- Sign out all other sessions and enable app-based 2FA.
- Check for and remove any forwarding rules or filters you didn't create.
Understanding what happened
Email is the master key to your online life, so a hacked inbox is urgent - but a fast, ordered response usually contains it. Reset the password from a secure device, sign other sessions out, and the attacker loses live access; the rest is cleaning up what they set up to stay in.
Most break-ins come from a reused or phished password. Once inside, attackers quietly add forwarding rules or filters so they keep seeing your mail, hunt for banking and account resets, and sometimes message your contacts - which is why simply changing the password isn't always enough.
The hidden danger is persistence: a forwarding rule or a still-valid app connection can let someone read your mail or intercept resets even after a password change. Checking and removing those, and confirming your recovery phone and backup email are still yours, is essential.
Because email controls password resets everywhere, the right order is to secure it first, then work outward: banking, then any account sharing that password. Turn on app-based two-step verification so a stolen password alone can't reopen the door.
First 5 minutes
- Reset the password and sign out other devices.
- Enable two-step verification with an authenticator app.
- Scan for suspicious forwarding/auto-reply rules.
First 24 hours
- Review sent/deleted items for messages the attacker sent.
- Reset passwords on accounts linked to that email.
- Warn contacts if scam messages were sent from your address.
Next 7 days
- Check account recovery options are still yours (phone, backup email).
- Watch for unusual logins and keep alerts on.
- Review connected third-party apps and revoke unknown ones.
What not to do
- Do not reuse the old password anywhere.
- Do not skip checking forwarding rules - attackers hide there.
- Do not ignore password reset emails you didn't request.
Evidence to save
- Login history showing unfamiliar access.
- Any forwarding rules or filters you found.
- Messages sent without your knowledge.
How to report
- Gather your evidence first (screenshots, dates, amounts, any reference numbers).
- Report to your national fraud/cybercrime body and, if money moved, to your bank.
- Find the right official links for your country in the reporting directory.
- Do not use phone numbers or links from the suspicious message - look up the official ones yourself.
- Report quickly if money was sent or ID documents were shared; speed improves your options.
- Keep your evidence - see how to save scam evidence.
Beware 'recovery' offers afterwards: anyone who contacts you promising to get your money back for an upfront fee is running a second scam.
Stop it happening again
Use a long, unique password for email and app-based two-step verification; email deserves your strongest protection because everything else depends on it.
Periodically review forwarding rules, filters, connected apps, and recovery options to make sure they're still yours.
This is general safety information, not legal, financial, or cybersecurity incident-response advice.
Frequently asked questions
Why check forwarding rules?
Attackers add hidden rules to keep copies of your mail or intercept resets even after you change the password.
What should I secure first?
Email itself, then banking and any account that uses that email for password resets.