Reclaim the inbox and clear what they planted

    Order matters: kill sessions and reset password before warning anyone. If you email contacts while the attacker still has access, you're warning the attacker, not your contacts.

    Common attacker artefacts to remove

      • Forwarding rule named like 'Inbox' or 'Junk' (sounds innocuous)
      • Filter that auto-deletes replies from your bank or accountant
      • OAuth grants to unknown 'mail' or 'productivity' apps
      • Delegated mailbox permissions you didn't set

    More from Communications Security

    No image

    Confirm the inbox is actively compromised

    Pin down which account, who's been emailed, and which sessions are unfamiliar.
    No image

    Make the next phishing email harmless

    Use a password manager, hardware key and email aliases so a single phish can't cascade.
    No image

    Use specialised victim resources

    Sextortion has dedicated services — they're free, confidential and fast.