Your business email is the gateway to almost everything — client communications, financial transactions, employee data, and sensitive documents. If a cybercriminal gains access to your email account, the consequences can be severe: they can impersonate you to customers and suppliers, redirect invoice payments, access connected cloud services, and read months of confidential correspondence before you even realise something is wrong. For businesses in Dubai and across the UAE, where business is conducted heavily via email and WhatsApp, a compromised email account represents one of the most serious cyber incidents possible.
The challenge is that email account breaches are often silent. Unlike ransomware, which announces itself loudly, a hacked email account may operate normally while attackers read every incoming and outgoing message in the background. Knowing the warning signs and how to check if your email has been compromised is an essential skill for every business owner and office manager in the UAE.
Watch out for these indicators that your email account may have been accessed by an unauthorised party:
Check your Microsoft 365 or Google sign-in activity: In Microsoft 365, go to My Account → Security → Sign-in activity to see recent logins, devices used, and locations. In Gmail, scroll to the bottom and click "Details" to see recent access. If you see logins from locations or devices you don't recognise, your account has likely been accessed.
Review your inbox rules: In Outlook, go to File → Manage Rules & Alerts and review all rules. In Outlook Web Access, go to Settings → View all Outlook settings → Mail → Rules. Delete any rules you did not create. In Gmail, go to Settings → See all settings → Filters and Blocked Addresses.
Check your forwarding settings: In Microsoft 365 admin portal, you can check if any mailboxes have external forwarding rules enabled. In Gmail, go to Settings → See all settings → Forwarding and POP/IMAP to check for any unauthorised forwarding.
Use Have I Been Pwned: Visit haveibeenpwned.com and enter your email address. This service checks your email against known data breach databases to see if your credentials have been exposed in a public breach — including breaches from LinkedIn, Adobe, or other platforms where you may have registered with your business email.
Change your password immediately and enable MFA: If you suspect your account has been compromised, change your password immediately using a strong, unique password. Then enable Multi-Factor Authentication (MFA) on Microsoft 365 or Google Workspace. This is the single most effective step you can take to prevent further unauthorised access.
At Al Aida IT Technology, our security response team assists Microsoft 365 clients across Dubai in quickly identifying and responding to email compromise incidents — including revoking active sessions, auditing inbox rules, and strengthening account security through our IT AMC contracts.
If your business is struggling with email security or you suspect your account has been compromised, our team at Al Aida IT Technology LLC provides expert managed IT support, cybersecurity, cloud solutions, and IT Annual Maintenance Contracts (AMCs) across Dubai, Abu Dhabi, Sharjah, and the wider GCC region.
We respond within 1 business hour. Request a free IT consultation today — no obligation.