Links on Super Easy may earn us a commission. Learn more.

What To Do If Someone Is Using Your Email Address (2023)

Many of us tend to underestimate the importance of email addresses, and usually won’t realize our accounts are compromised until the inbox is bombarded by password reset emails and invoices. And that’s just the beginning — fraudsters can do a lot more with our email address.

If someone is using your email address, there’re actions you need to take to protect yourself. And in this post, we’ll show you how.

What can someone do with your email address

The answer depends largely on the person’s intentions. People will need to know your email address to contact you. But if someone knows what you used the email for, who you email to or even has access to your email account, that leaves you and your contacts vulnerable to phishing and identity fraud.

Once a fraudster gains access to your account, they can run a series of attacks to profit themselves, and the common ones include:

  • Gain access to your personal & work accounts
  • Hack your social media and Amazon accounts
  • Access your bank accounts and commit fraud
  • Impersonate you by email spoofing
  • Scam your friends, co-workers and your family

Many of us would consider social security numbers and bank accounts the most sensitive information in our life. But in fact, an email address sometimes can do a lot more damage than these two. If you notice signs that someone is after your email address, you can use the following methods to protect yourself.

What to do if someone is using your email address

1. Change the password and enable Multi-factor authentication

If you think someone is using your email address, you need to take back control immediately, and the first thing you should do is change the password. And this time, use a new and stronger combination. You can never be too careful especially when the account contains sensitive information.

You should also consider enabling multi-factor authentication for your account. This feature secures your login process by asking for a secondary authentication tool like an additional email, PIN or phone number.

Every major Simply check out the instructions below to secure your email address in seconds:

But changing the password doesn’t mean your account is safe. If the email has been compromised, you need to take further measures to prevent potential fraud or identity theft.

2. Check if your passwords are compromised

There’re many scenarios where our email addresses get compromised, and the most common one is in data breaches. While we aren’t able to prevent this from happening, there’re measures we can take to mitigate the potential risks.

You can use a data breach search service to check if any of your email addresses are compromised. And when it comes to checking data breaches, you’ll want to make Aura your first stop. It’s a reputable ID protection service featuring credit monitoring and identity theft alerts. It also offers a free scan page where you can easily check if your email account is still secure.

  1. Go to the Aura scan page.
  2. Enter your email address and click View Results.
  3. Aura will try to search for exposed data points containing your email address. If it locates a match, it’ll generate a report showing the compromised accounts and passwords.
  4. You can start the free trial to view the full report, and you’ll get the entire set of privacy solutions, including credit monitoring, bank statements monitoring, social media alerts, real-time fraud alerts, Antivirus, VPN and more.
You can also compare the result to other public databases like Have I Been Pwned to gain a comprehensive insight.

3. Use a password manager

Password managers are apps that generate, store and automatically fill in passwords for all the websites you visit. The most common ones are the browser built-in password managers (Like on Chrome or Edge).

But if you’re still using Chrome or your brain to manage passwords, it’s time to consider a safer alternative. Browsers are not designed to keep passwords. And most of our brains aren’t trained to memorize different combinations of digits and characters, which explains why we stick to the same set of passwords, which is usually the one-way ticket to identity theft or account takeovers.

With a reliable password manager like 1password and LastPass, you can keep your passwords protected and accessible anywhere, even when you constantly need to share it with others. And a trustworthy password manager saves you the trouble of filling out forms and copying across devices.

If your email account contains sensitive information, you should consider getting advanced protection with a password manager subscription.

You should also ditch your old password habits. That means no more post-it notes or using the same password around the web.

4. Report spoofing

Technically, email phishing, or spoofing, is an attack or scam in which someone tries to steal sensitive information using a deceptive email address. Fraudsters with access to your email address can easily impersonate you and scam your contacts. Even when they don’t know your password, they can easily use your email address to mask their own and commit fraud.

If you or anyone you know receives a suspicious email out of the blue, and you didn’t initiate the actions, you should be extra careful and check if it’s a scam. The common phishing emails usually take the following disguises:

  • Account recovery
  • Password reset
  • Invoice
  • Unrecognized login notice
  • Messages that sounds urgent or too good to be true

When you have doubts about the email, the first thing is to check the email details. Make sure the email is sent from a genuine source and the email address is correct and legit. And as the email address can be faked, you should also check the links in the email.

If you get an email about something you didn’t do (e.g. resetting password or email address), it’d very likely be a phishing email. In that case, make sure you don’t click any links in the email and you can report the email as phishing.

Wrap up

While there isn’t a one-size-fits-all solution to protect your email address, you can use an identity protection service like Aura to help you monitor online activities and minimize the risk of identity theft. If you think you’re a victim of email phishing, make sure you’ve secured the affected accounts and report it to the local law enforcement if you’ve lost money.

By Marcus Liang

As a writer at, Marcus possesses a special insight about computer issues and life hacks. In the quest of personal fulfillment, he writes handy tutorials and shares fresh information to help improve people's lives. In his free time, he dabbles with programming and web-developing.


Failed to load the Search bar. Please refresh the page and try again.
Click here to reload