Check email forwarding rules

Why? Hackers secretly forward your emails to themselves. Here are some examples of how to check for suspicious forwarding rules in different email providers:

  1. Gmail

Settings Path: Click the gear icon → See all settings → Forwarding and POP/IMAP

  • Check if emails are being forwarded to an unknown address.

  • Also check Filters and Blocked Addresses for any hidden rules.

  1. Outlook / Microsoft 365

Web Version: Settings → Mail → Forwarding and ensure no unexpected forwarding is enabled.

Desktop Client: File → Manage Rules & Alerts → Check for suspicious rules.

  1. Yahoo Mail

Settings Path: Click the gear icon → More Settings → Mailboxes → Check forwarding rules.

  1. Apple iCloud Mail

Web Version: Open iCloud.com → Mail → Click the gear icon → Preferences → Rules, and check for any unauthorized forwarding rules.

  1. ProtonMail

Settings Path: Settings → Email → Filters → Check for forwarding rules.

  1. Zoho Mail

Settings Path: Settings → Mail → Filters → Review forwarding rules.

Red flags to look for:

  • Any forwarding rules you didn’t create.

  • Emails being sent to unfamiliar addresses.

  • Filters that automatically mark emails as read or delete them.

What to do if hacked?

  • Disable suspicious rules immediately.

  • Change your password & enable 2FA.

  • Check for other compromised accounts.

Last update: 2025-05-12 14:39