A hand holding a locked padlock with an envelope next to it

From communication at work to online registrations and family catch-ups, email plays a big role in our daily lives. As a result, a lot of sensitive data is shared via email. This may include proprietary business information, financial statements, medical records, and details about your personal life.

Needless to say, protecting your email accounts is crucial if you want to keep all sensitive data private. Follow along for tips on how to protect your email and identify the signs that it may have been compromised. 

Table of contents

    How do I know if my email has been hacked?

    To properly protect your email, it’s vital to recognize the signs of a hacked account. Here are some of them:

    • Password resets: unexpected password reset emails or notifications are often an indication that someone attempted to hijack your email or linked accounts. 
    • Inability to log in: if your usual password doesn’t work, chances are it has been changed to lock you out. 
    • Unusual emails in sent folder: regularly check your sent folder for unfamiliar emails. Your account might have been used to send spam or malicious emails.
    • Complaints from contacts: if friends, family, and contacts report receiving weird or spammy emails from your address, it’s highly likely that your account is compromised. 
    • Changes in settings: changes to email settings, such as new forwarding rules, different recovery options, and disabled 2FA (two-factor authentication), are common tactics used by malicious actors to cover their tracks.
    • Login alerts: security notifications about logins from locations or devices you don’t recognize are warning signs of an intruder in your inbox. 
    • Strange IPs: check your email’s activity log for unfamiliar IP addresses and locations. These are red flags suggesting that someone might be accessing your account without permission. 

    Tips on how to protect your email from spammers and hackers

    There are practical measures you can take to protect your email. Let’s go over a few: 

    Use a strong original password

    This might seem like a no-brainer, but it’s one that many people neglect: a strong, unique password is your first line of defense against malicious threats. 

    A good password should be hard to guess and tough to crack. Refrain from using clichés like “abc123,” “password,” and “qwerty.” Instead, your password should be a longer mix of uppercase and lowercase letters, numbers, and symbols. 

    Don’t recycle the same password for all your accounts, either. While it may be more convenient, it’s unwise. If someone gets hold of your password, they could use it to access all your accounts. This includes your email, which could be used to reset passwords for your other services. 

    Enable two-factor authentication

    Most email providers, including Gmail, Yahoo Mail, and Outlook, offer two-step verification to enhance account security. When enabled, you must verify your identity using more than just your email address and password during login. 

    Common 2FA methods include:

    • Security codes sent to your phone via calls or text messages;
    • Codes generated by authenticator apps like Google Authenticator;
    • Verification codes sent to alternate email addresses. 

    Some providers also allow physical security keys, while others support biometric verification. For instance, Apple Mail lets you use Face ID or Touch ID for authentication. 

    This extra layer of security means that even if someone has your password, they can’t access your account without clearing the second verification step. 

    Regularly run software updates

    Make sure that you’re running the latest versions of your operating system and email app. Regular software updates are essential as they patch security flaws that could be exploited. If not addressed, these vulnerabilities could be used to access your private data or hijack your email. 

    Software updates also typically introduce new security measures or improvements to existing ones to protect against the latest threats. Plus, they modify or get rid of the older features that might be vulnerable to attacks.  

    Use a VPN (Virtual Private Network) when checking your email

    A premium VPN like Surfshark enhances your email security by encrypting all the data you send and receive. Once encrypted, any sensitive information in your emails — whether it’s trade secret, private chat, or hotel booking — turns into complete gibberish to anyone who might attempt to intercept your data. 

    Block spam and unauthorized senders

    Spam emails aren’t just a nuisance but are also downright dangerous. They often contain malicious links or attachments that can infect your device with malware, such as viruses, Trojans, or ransomware.

    To keep your email safe, set up a spam filter and swiftly block any suspicious senders to ensure you don’t accidentally interact with harmful content. Most email clients have a “report spam” feature that you can use to inform your email provider about potential spam, protecting yourself and others by doing so.

    Keep an eye out for phishing attacks

    Phishing emails usually impersonate well-known brands and companies to trick you into sharing sensitive information like passwords and bank details. They might even try to get you to transfer money or install malicious software. 

    Look out for signs of phishing, such as urgent or threatening language, sloppy grammar and spelling, and offers that seem too good to be true. Be sure to examine the sender’s email address, too. Phishers often use domain names that closely resemble those of legitimate companies. 

    Like spam, you should quickly report and block phishing emails. If in doubt, verify the sender’s identity by contacting the company directly using contact details from their official website.

    Protect your real email address with aliases

    Sharing your email address might seem harmless, but it can reveal significant details such as your full name, workplace, and location. Using an email alias helps shield this personal information. 

    An alias works just like a forwarding address — emails sent to it are redirected to your main inbox, keeping your real email address hidden. This means you don’t have to give away your actual email address when signing up for online platforms, discounts, newsletters, and other services. 

    You can also ditch the alias if it receives too many spam and phishing emails or if it’s compromised. Your main account remains unaffected and you don’t lose any vital emails.

    To make this even easier, Surfshark offers Alternative ID with all its plans. This feature allows you to create alternative emails complete with personas, including an alternative name, last name, and even address. The best part about it — you can create it all in a matter of seconds. No need to set up new accounts in detail every time.

    Avoid checking your email on public Wi-Fi

    Public Wi-Fi at malls, airports, and hotels might be convenient, but it’s far from secure. These networks often don’t have the necessary protection, leaving your personal information, including emails, vulnerable to hackers. 

    Checking your email while on public Wi-Fi means that you risk exposing both your email contents and login details to cybercriminals. If they gain access and take over your account, they can misuse it to launch attacks, spam, or engage in other malicious activities.  

    To protect your email, always use a VPN when you’re checking your account on public Wi-Fi. A VPN encrypts all traffic to and from your device, keeping your email account and content private.

    The final word: you should protect your email

    Since it’s an integral part of both our personal and professional lives, it’s important to know how to protect your email. Once you can spot the signs of a hack and know how to secure your email, keeping it safe becomes an easy routine. 

    Kickstart things today by switching to a stronger password, enabling 2FA, and securing your connections with a VPN. In fact, why not get one right away?    

    Protect your email
    Keep the snoopers out of your inbox with a VPN


    How do I protect my emails in Gmail?

    To protect your emails in Gmail, use a strong, unique password for your account and secure your internet connection with a VPN. Additionally, enable two-step verification and regularly update your operating system and Gmail app to help prevent unauthorized access. 

    Can I tell if my email has been hacked?

    Yes, you can tell if your email has been hacked by looking out for a few key indicators. Common signs include unexpected password resets, inability to access your email account, and unfamiliar activities and settings changes.

    How do I know if my email is secure?

    There’s no way to be 100% certain that your email is secure. However, you can enhance its security by setting strong passwords, activating two-step verification, and encrypting your connection with a VPN. By consistently taking these steps and actively monitoring for signs of hacking, your email is likely to be secure. 

    Is Gmail more secure than Outlook?

    Gmail and Outlook both offer robust security protection with measures like spam filtering, two-step verification, and blocking functionalities. However, Outlook has slightly more advanced security features, such as Advanced Threat Protection, which monitors emails in an isolated environment, and password-protected folders.