What do I do if I suspect my email has been hacked?

Follow the steps below if you believe there has been unauthorized access to your mail.com email account.

What security measures should I take after unauthorized access to my account?

If you have learned from a reliable source that your mail.com email has been hacked, you should carry out the following steps in the suggested order after you regain access to your account:

Change your mail.com password

Even if you have already changed your password with the reset link from customer service, you should change it again now. This is the most important step.

How to change your mail.com password:

  1. Click Home and My Account.
  2. On the left side, click Security Options.
  3. Under Password click Change password.
  4. Enter your current password.
  5. Enter the new password in the two lower boxes.
  6. Confirm the new password by clicking Save changes.

Perform a virus scan

Use an antivirus program to perform a scan and remove any detected malware. Please consider using a reputable online tool for this purpose, since a program installed on your device may have been compromised. Should the program detect a virus infection, after it has been removed it is important to change your password again, even if you have just done so.

Check your contact email address and cell phone number

Check your contact email address and cell phone number. If these have been changed by a hacker, unless you correct them the hacker will be able to use the password recovery process to regain access to your email account. For step-by-step instructions on entering or updating this data, please see “Protect Your Email” below.

Check your filter rules and mail collectors

Filter rules and mail collectors can be changed by hackers and used to forward your emails without you noticing. Check to make sure none of your settings have been changed.
For step-by-step instructions, please see:

Check alias addresses and sender names

Check whether the hacker has set up an alias address or saved a new sender name to send emails from your account under another name. If you find alias addresses or sender names that were not created by you, delete them.

To check alias addresses and sender names

  1. Go to the E-mail tab and click Settings.
  2. Click Alias Addresses.
  3. Under Created E-mail Addresses, you can check which email addresses have been created in your account. To delete an email address, click the trash can icon to the right of the email address in question and confirm by clicking OK. Under Define Sender Name you will find the sender name that has been saved for your email address. To change the sender name, enter a new name and then click Save.

Check your personal data

Your name, date of birth or postal address may have been changed. This information is important if our customer service team needs to verify your identity, e.g. to restore access to a blocked account.

How to check your personal data

  1. Click Home and My Account.
  2. On the left side, click Personal Data.
  3. Click the field in which you’d like to enter data.
  4. Enter your current data.
  5. Enter your mail.com password and confirm by clicking Save changes.

What can I do to protect my email account?

Saving a contact email address and/or mobile number allows us to send you a reset link if you forget your password. This is the only way to automatically recover your password: If you have not saved the necessary information, you will have to contact our customer support team to have your password reset manually, which can take some time. It is therefore essential that you keep this information up-to-date at all times.

mail.com takes the security of our customers’ email accounts very seriously. Should you need to contact our customer support team, you may be asked some questions to identify you as the account owner. Keeping the personal data in your settings up to date is an important way you can protect the security of your account.

All of this information can be entered and updated under Home > My Account.
Screenshot: Location of My Account Button

For more information on updating your personal information, please see below:

Enter a contact email address

Save the address of another email account that you would like us to use to send you a link should you lose your password. This automatic process lets you reset your password and regain access to your account. The email address can be from any provider, but it should be an up-to-date address that you can access easily.

Follow these steps to add a contact email address:

  1. Click Home and My Account.
  2. On the left side, click Security Options.
  3. Under Contact email address, click Add contact email address.
  4. Enter an email address.
  5. Enter your mail.com password and confirm the changes by clicking Save changes.

Enter your personal data

The personal data in your account is used to verify your identity if you contact our customer support team, e.g. to regain access to your account if you have lost your password and have not saved contact information for the automatic password recovery process. mail.com does not share this information with any third parties.

Follow these steps to enter your personal data:

  1. Click Homeand My Account.
  2. On the left side, click Personal Data.
  3. Click the field in which you’d like to enter data.
  4. Enter your current data.
  5. Enter your mail.com password and confirm by clicking Save changes.

Activate 2FA

Activate two-factor authentication to require a 6-digit one-time password (OTP) each time you log in, in addition to your password. The OTP is generated on your smartphone using an authentication app. Use this option e.g. if you log into your email on a shared or public device. It prevents unauthorized persons from accessing your account even if they know your password.

To activate two-factor authentication, go to My Account > Security Options > Activate two-factor authentication and follow the instructions there. Please note that you will need to have your smartphone at hand for the setup process.