I received an alert that someone signed into my email from another country. What should I do right now?
Act immediately — this is a potential account compromise. First, change your password right now from a device you trust. Make it a strong, unique password that you have never used anywhere else — at least 12 characters with a mix of letters, numbers, and symbols. Second, enable two-factor authentication (2FA) if it is not already on. In Gmail: Google Account, Security, 2-Step Verification. In Outlook: account.microsoft.com, Security, Two-Step Verification. Third, check for unauthorized changes: look in your Sent folder for emails you did not send, check email forwarding settings (Settings, Forwarding) for any unfamiliar email addresses, review connected apps and revoke anything suspicious, and check your email filter rules for any auto-delete or auto-forward rules the attacker may have set up. Fourth, sign out of all other sessions. In Gmail: scroll to the bottom of your inbox, click Details, then Sign Out All Other Sessions. In Microsoft: account.microsoft.com, Security, Sign Out Everywhere. Fifth, if the same password was used on other accounts, change those passwords too — attackers often try the same credentials on banking, social media, and shopping sites. Finally, run a malware scan on your computer with Malwarebytes to make sure there is no keylogger capturing your new password.
Need personalized advice? Chat with an expert for $3.
Our verified experts will provide personalized advice for your specific situation.
Average response time: under 2 minutes · Money-back guarantee
Chat with an Expert — $3 →
