
If you suspect that a business email account has been hacked, time is critical. A compromised email can give hackers access to sensitive company data, client communications, and even financial transactions. Acting fast can help prevent further damage. Here’s how to immediately lock down the account and secure your business.

Step 1: Sign Out of All Sessions

If you still have access to the email account, sign out of all active sessions to remove unauthorized users.

For Microsoft 365 (Outlook) Users:

1️⃣ Go to Microsoft Security and log in.
2️⃣ Click “Sign out everywhere.”
3️⃣ Change your password immediately (see Step 2).

For Google Workspace (Gmail) Users:

1️⃣ Go to Google Account Security.
2️⃣ Scroll to “Your devices” and click “Manage all devices.”
3️⃣ Click “Sign out” on any suspicious or unknown devices.

🚨 If you’ve lost access to the account, immediately go to Step 4 to recover it.


Step 2: Change the Password Immediately

Once you’ve signed out of all devices, create a strong, unique password for the account.

✅ Use at least 12 characters (mix of uppercase, lowercase, numbers, and symbols).
Avoid reused passwords—if the hacker got your old one, they might try it elsewhere.
✅ Use a password manager like Bitwarden or 1Password to store and generate strong passwords.

How to Change Your Password:


Step 3: Enable Two-Factor Authentication (2FA)

2FA adds an extra layer of security, making it much harder for hackers to regain access.

How to Set Up 2FA:

  • Microsoft 365:
    1️⃣ Go to Security Settings.
    2️⃣ Click “Add a method” and choose Authenticator App (recommended) or SMS.
  • Google Workspace:
    1️⃣ Go to Google 2-Step Verification.
    2️⃣ Follow the setup steps to enable Google Authenticator or SMS verification.

💡 If 2FA was already enabled but the hacker disabled it, go to Step 4 for account recovery.


Step 4: Recover a Locked or Hijacked Account

If you can’t log in, the hacker may have changed the password or disabled 2FA. Try these recovery steps:

For Microsoft 365 (Outlook):

  • Go to Microsoft Account Recovery and follow the prompts.
  • If you’re using a work account, your IT administrator can reset the password via the Microsoft Admin Center.

For Google Workspace (Gmail):

  • Go to Google Account Recovery and follow the steps.
  • If it’s a Google Workspace business email, ask your IT admin to reset your credentials.

🚨 If you still can’t recover the account, contact your IT department or email provider ASAP.


Step 5: Check for Unauthorized Access or Changes

Once the account is secure, review recent activity for any suspicious actions.

For Microsoft 365:

🔍 Go to Microsoft Sign-in Activity to check for logins from unknown locations or devices.

For Google Workspace:

🔍 Visit Google Security Checkup to review suspicious sign-ins and recent changes.

🚨 If the hacker forwarded emails, changed recovery info, or set up new rules, reset these settings immediately.
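
The rule review described in this step, as an added example that is not part of the original article: a Python script that flags inbox rules which forward or redirect mail outside the company or delete it. It assumes the rules were exported as a list of dicts using the property names of Exchange Online's Get-InboxRule (ForwardTo, ForwardAsAttachmentTo, RedirectTo, DeleteMessage); the sample rules, the addresses, and the example.com company domain are constructed.

```python
import re

# Field names follow the properties Exchange Online's Get-InboxRule returns;
# the export-to-dicts step and every value below are assumptions.
FORWARD_FIELDS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")
ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})")

def is_internal(domain, company_domains):
    """True for a company domain or any subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in company_domains)

def external_targets(rule, company_domains):
    """Addresses outside the company that a rule forwards or redirects to."""
    found = []
    for field in FORWARD_FIELDS:
        for entry in rule.get(field) or []:
            # Entries typically look like '"Name" [SMTP:user@host]'; the display
            # name can repeat the address, so de-duplicate.
            for match in ADDRESS.finditer(entry):
                address = match.group(0).lower()
                domain = match.group(1).lower()
                if address in found or is_internal(domain, company_domains):
                    continue
                found.append(address)
    return found

def review_rules(rules, company_domains):
    """Return (rule name, reasons) for each rule that needs a human look."""
    findings = []
    for rule in rules:
        reasons = []
        targets = external_targets(rule, company_domains)
        if targets:
            reasons.append("sends mail outside the company: " + ", ".join(targets))
        if rule.get("DeleteMessage"):
            reasons.append("deletes matching mail")
        if reasons:
            findings.append((rule.get("Name", "(unnamed)"), reasons))
    return findings

SAMPLE_RULES = [  # constructed sample, not real data
    {"Name": "Newsletters", "ForwardTo": [], "DeleteMessage": False},
    {"Name": "Rule 1", "DeleteMessage": True, "ForwardTo": [
        '"collector@outside.example.net" [SMTP:collector@outside.example.net]']},
    {"Name": "To assistant", "RedirectTo": ['"Pat" [SMTP:pat@hr.example.com]']},
]

if __name__ == "__main__":
    for name, reasons in review_rules(SAMPLE_RULES, {"example.com"}):
        print(f"{name}: {'; '.join(reasons)}")
```

A rule that only deletes mail can be legitimate, so treat each finding as something to review with the account owner rather than as proof of compromise.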


Step 6: Notify Your IT Team & Affected Contacts

If this is a company email, notify your IT team or administrator so they can:

  • Scan for malware on company devices.
  • Investigate data leaks (if the hacker sent phishing emails from your account).
  • Strengthen company-wide security policies.

If your account was used to send fraudulent emails to clients or partners, send a warning email from a secure account to prevent phishing scams.


Step 7: Prevent Future Email Hacks

  • Use strong, unique passwords for all accounts.
  • Enable 2FA on all business logins.
  • Monitor login activity regularly for suspicious sign-ins.
  • Train employees on phishing awareness to prevent future breaches.
