Steps to Take if Your Email Account is Compromised or Hacked

Written by Thorsten Lorenz | Oct 24, 2025 7:31:07 AM

If you believe your email account has been accessed without your permission, used to send spam, or shows other signs of compromise, please follow these steps carefully to secure your account.

1. Disconnect and Secure Access

  • Sign out of all active sessions on every device (laptops, phones, tablets).

  • Whenever possible, use a different, trusted device to perform the recovery steps.

  • Do not continue using the compromised device until it has been thoroughly checked for malware or viruses.

2. Change Your Password

3. Enable Multi-Factor Authentication (MFA)

  • If available, activate MFA to add an extra layer of security.

  • Use an authenticator app (such as Sophos Authenticator) rather than SMS when possible.

4. Check for Unauthorized Changes

Once you’ve regained access, carefully review your account settings:

  • Verify your recovery email address and phone number.

  • Check for mail forwarding rules — attackers often set up hidden rules to forward emails elsewhere.

  • Review the Sent and Trash folders for suspicious messages.

  • Look through security alerts or recent sign-in activity and remove any unfamiliar devices.

5. Scan All Devices

  • Run a full antivirus and malware scan on every device that accessed your account.

  • Remove any detected malicious software before signing in again.

  • If problems persist:

    • Reinstall your operating system (laptop/PC).

    • Perform a hard reset on mobile devices (phones, tablets).

6. Notify Your Contacts

  • Inform your contacts that your account was compromised, especially if spam or phishing emails were sent from it.

  • Advise them not to click any links or open attachments from suspicious messages.

7. Report the Incident

If Everymail or Open-Xchange has not yet been informed about the incident, please report it to abuse@everymail.com.

8. Monitor for Ongoing Issues

  • Watch for unexpected password reset emails or unfamiliar activity.

  • Regularly review your account’s security settings.

  • Consider using a password manager to generate and store strong, unique passwords for all accounts.

9. Check Other Accounts

  • If you used the same password elsewhere, change it immediately — attackers often reuse stolen credentials.

  • Check if your email or passwords have appeared in known data breaches at haveibeenpwned.com.

10. If the Compromise Repeats

  • Reinstall your system (laptop/PC).

  • Perform a hard reset on mobile devices.

  • Then repeat all steps above to ensure full security.

The reason for this is that hidden malware might still be on your system, sending your personal and login information to the hacker.