10 Things to Do to Keep from Getting Your Email Hacked

If you think email hacks only happen to big companies or careless users, think again. Email is the #1 target for cybercriminals—and they’re not picky. 

Over 90% of cyberattacks start with email, and according to Verizon’s 2023 Data Breach Report, credential theft via email phishing is still one of the most common causes of data breaches. 

So, if your inbox isn’t locked down, your business (and personal life) are wide open. 

Here are 10 smart, doable ways to keep your email account safe—and your sanity intact. 

1. Use a Strong, Unique Password (No, "Summer2024!" Doesn’t Count) 

Yes, it’s obvious. And yes, most people still mess this up. 

Use a password that’s long, random, and never reused. Something like !S9jLp@WqvE82# instead of yourdogname123. 

Stat: Over 80% of hacking-related breaches are tied to stolen or weak passwords (Verizon DBIR). 

Pro Tip: Use a password manager (like Bitwarden or 1Password) so you don’t have to remember it. 

2. Turn On Two-Factor Authentication (2FA) 

This is hands-down the most effective way to protect your email—even if your password is compromised. 

With 2FA, even if a hacker has your login, they’d still need your phone or app code to break in. 

Stat: Microsoft reports that 2FA blocks 99.9% of automated attacks. 

Set it up via SMS, but even better—use an app like Google Authenticator or Authy.  

3. Never Click Suspicious Links (Even if It Looks Legit) 

Phishing emails are sneaky. They mimic banks, Amazon, even your coworkers. One click, and boom—your account is compromised. 

Always hover over links before clicking. If something feels off, it probably is. 

Stat: Google blocks over 100 million phishing emails every single day. 

When in doubt, open a new browser tab and go directly to the site yourself. 

4. Use a Custom Domain (If You’re Running a Business) 

Free email addresses like Gmail and Yahoo are fine for personal use—but if you’re running a business, using you@yourbusiness.com builds trust and control. 

Plus, you can enforce better security standards with custom domain email hosting. 

Stat: Businesses that use branded email are 9x more likely to be trusted by customers.  

5. Don’t Access Email on Public Wi-Fi (Unless You Use a VPN) 

That free airport Wi-Fi? It’s also free for hackers to snoop on. If you must check email on public Wi-Fi, use a VPN to encrypt your connection. 

Stat: 1 in 4 people have fallen victim to cybercrime via public Wi-Fi.  

6. Check for Login Alerts and Monitor Activity 

Most email platforms (like Gmail and Outlook) offer login history and suspicious activity alerts. Use them! 

If you see a login from a country you’ve never visited—change your password immediately. 

Stat: 58% of people don’t know their accounts have been hacked until it’s too late. 

7. Watch Out for Email Forwarding Rules 

This one’s sneaky. Some hacks don’t steal your data outright—they set up auto-forwarding rules to secretly monitor your emails. 

Check your account settings regularly to make sure no unknown rules are in place. 

8. Keep Your Devices and Apps Updated 

Outdated browsers, apps, or operating systems can create backdoors for hackers to access your email. 

Set your devices to auto-update, and don’t ignore those little “update now” buttons. They patch known vulnerabilities that hackers love. 

Stat: Over 60% of breaches exploit systems with available but uninstalled updates. 

9. Don’t Share Your Email Password—With Anyone 

Not with your assistant. Not with your spouse. Not with your dog walker. If someone else needs access, give them delegate access or a secure shared login via your password manager. 

Shared passwords = shared vulnerabilities. 

10. Use a Business-Class Email Provider 

If you're still using the default email from your web host or a free service for your business... upgrade. 

Providers like Google Workspace or Microsoft 365 offer enterprise-grade spam protection, security logs, and compliance tools that can stop threats before they reach you. 

Bonus: They boost your deliverability and professionalism, too. 

Don’t Let Hackers Into Your Digital Front Door 

Email is where your receipts, login resets, sensitive docs, and client comms live. If a hacker gets in, they’re not just stealing messages—they’re stealing your entire digital identity. 

Staying safe doesn’t require paranoia—it just takes proactive habits. 

Want help locking down your email setup, implementing 2FA, or upgrading your domain email? Managed Nerds can help you build a digital fortress—one inbox at a time.