It seems like not a day goes by where I don’t get a question from someone that boils down to their email account having been hacked.
Someone somewhere has gained access to their account and is using it to send spam Spam is tricky.
Similarly, hackers often set up a signature so that every email you send includes whatever it is they’re promoting – often a link to a malicious web site.
Each time someone emails you, they get this fake message in return – often written so it sounds like you actually sent it.
If your account includes the ability to set a different email address to reply to, make sure that’s not been set.
(There’s a strong argument for checking or changing the recovery information for these accounts, just as you checked for your email account, for all the same reasons.) If your email service provides an out-of-office or vacation-autoresponder feature, or some kind of automatic signature that appears at the bottom of every email you send, it’s possible people already know you’re hacked.
Hackers will often set an auto-responder in a hacked account to automatically reply with their spam.
This is perhaps the scariest and most time consuming aspect of account recovery.