Any one of these symptoms means there’s a good chance your email account has been hacked. If you notice any of these at any time, change your password immediately at account.aol.com.
You try to sign in but get a message from AOL: "We have detected unusual activity on this account."
People you know are getting emails from you that you didn’t send.
Your inbox is full of MAILER-DAEMON rejection notices for messages you didn’t send.
There are outgoing messages in your Sent, Drafts or Outbox folder that you didn’t create or send.
People in your Contacts list are telling you they are receiving strange email from you, but you DO NOT find any strange email in your Sent Folder: Your account has most likely been spoofed.
Your account folders (Sent, Deleted, Spam, Inbox, etc.) have been emptied or deleted.
Your Contacts list has been erased.
During sign-in or when sending a message, you’re asked to pass an image challenge (a box asking you to "Type the characters you see below").
Emails you try to send are suddenly getting refused and returned to you.
There are email addresses in your Contacts list that you didn’t add.
You keep getting bumped offline when you’re signed into your account.
Your email signature suddenly has a link you didn’t put there.
You’re not getting new mail, OR your new mail is going straight into your Saved IMs folder.
How to secure a compromised account
If you ever notice something strange going on with your AOL Mail account, the first thing you should do is change your password at account.aol.com. This will block whoever – or more likely, whatever computer program – has gained access to your account. We also recommend changing your Account Security Question (ASQ). Here are instructions for both, password first:
The L0ng3rY0uRPa$sw0rD is, the stronger it is. Mix in numbers and symbols. Make it tough, and something only you can remember! And make it new; don’t recycle an old password. You can change your AOL Mail password whenever and as often as you’d like. If you used the same password for other accounts – social media, financial services – change those passwords as well. We know it’s a pain, but keep different passwords for different services – it’s a good idea.
Go to account.aol.com and sign in. (If you forgot your password, click Forgot password.)
Next, answer your Account Security Question.
At the top, under "General Account Information", click Change Your Password.
Enter your old password in the top box and your new password in the bottom two boxes.
Under "Account Recovery Information", next to your Account Security Question, click Edit.
Click the New Question drop-down menu, and select a new ASQ.
Enter your ASQ answer in the Answer box and then click Save.
While you’re here, we recommend that you enter your mobile number and provide an alternate email address as added account recovery methods, just in case you forget your ASQ answer in the future.
You should also:
Review your "Away Message" in your AOL Mail settings (as well as AIM, if you use AIM) to ensure no one has inserted spam or other inappropriate content. Go to Settings, and in General, look in "Mail Away Message".
Review your Signature to ensure no one added spam, other inappropriate content or links. Go to Settings, and in Compose, look in "Rich Text / HTML".
If you send an email to firstname.lastname@example.org, we will flag your account and monitor it for further unauthorized activity. If we detect any suspicious activity, we will automatically take appropriate steps to help you secure your account.
Avoid getting hacked
The two strongest locks on your AOL Mail account are your password and your Account Security Question. Make them hard to guess but easy for you to remember. For instructions on how to change them, please click Secure a hacked account.
In general, when it comes to keeping your account secure, be paranoid!
Opt out of "Keep me informed" type options offered by services when you sign up.
Go to account.aol.com and add your mobile number or alternate email address - that are valid and that you can remember, so that if you ever need to recover your account, we can verify that you are the account owner. In the event of any problems down the road, you’ll be glad you did!
Always sign out of your account after you are done checking your email, especially if you use a computer or mobile device that can be easily accessed by someone else.