We’re here 24/7. 365 days a year.
Ask questions. Find your answers. Connect.

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Compromised or spoofed accounts

When your email account is compromised, it means someone has hacked into it. They will be able to read your messages and send mail from your account. Spoofing is when a spammer sends out emails using your email address in the From field. The idea is to make it seem like the message is from you, in order to trick people into opening it. Your Sent folder will offer the best clue as to whether your account has been compromised or spoofed.

  • If you DO find emails in your Sent folder that you did NOT send: Your account might have been compromised.
  • If you DO NOT find any strange email in your Sent folder: Your account has most likely been spoofed.

Changing your password can help secure your account from being compromised in the future, and we recommend doing it regularly. For instructions on changing it, you can visit  Changing your email password

If you have used the same password for any other online accounts (not recommended!) ensure that you change them as well. The NCSC (National Cyber Security Centre) provide the following guidance.

Remove any Filters & Auto forwards 

Hackers often apply these as a method to keep on receiving your email without needing access to login to your account. Verify all E-mail filter rules. If there are any you did not create, delete them.

Check for any Auto Forwards that have been setup.

If you did not create them ensure you reset the auto forward option.

Check who is currently signed into your email account.

Verify Devices that are currently signed into your account. If there's any you don't recognise them, then hit the Sign out from all clients button. 


Spoofing is when a spammer sends out emails using your email address in the From field. The idea is to make it seem like the message is from you – in order to trick people into opening it. These emails do not originate from our email service and do not have any contact with the TalkTalk Mail system. The email addresses are cleverly edited to make them appear as though they're from us.  The message actually originates from the spammer's email account and is sent from their email server.


Look for any irregular activity including these telltale signs;

  • You'll receive a delivery failure message (from mailer-daemon) in your inbox that does NOT match any messages you've sent before.
  • You may get messages from people who received an email from you, that you did NOT send. 


It's not possible to stop email spoofing from happening, but there are things you can do to minimise your chances of it happening to you:

  • Don't post your email address where others can see it, such as on public websites like forums. Spammers often collect email addresses from websites like these
  • Keep your main email address private, just for friends and family. It's a good idea to set up a second email address if you regularly sign up for services online
  • Never reply to spam. When you reply, spammers will know your account is active and will continue to email you
  • Don't follow unsubscribe links in a spam email. This also tells the spammer that your account is active
  • When you register with a website, make sure you know what you are agreeing to


You can change any of the passwords for your email addresses that are stored in My Account.



If you're unable to reset your password because you don't have recovery details or they are no longer correct you'll need to contact us to update these. 



As a final pre-caution we would also recommend resetting any account linked to your email account. This will prevent hackers who may have already performed a password reset from being allowed to continue to access your other online accounts.