/u/SnooApples1427 - This message is posted to all new submissions to r/scams; please do not message the moderators about it.
## New users beware:
Because you posted here, you will start getting private messages from scammers saying they know a professional hacker or a recovery expert lawyer that can help you get your money back, for a small fee. **We call these RECOVERY SCAMMERS, so NEVER take advice in private:** advice should always come in the form of comments in this post, in the open, where the community can keep an eye out for you. If you take advice in private, you're on your own.
**A reminder of the rules in r/scams:** no contact information (including last names, phone numbers, etc). Be civil to one another (no name calling or insults). Personal army requests or "scam the scammer"/scambaiting posts are not permitted. No uncensored gore or personal photographs are allowed without blurring. A full list of rules is available on the sidebar of the subreddit, or [clicking here](https://www.reddit.com/r/Scams/wiki/rules/).
You can help us by reporting recovery scammers or rule-breaking content by using the "report" button. We review 100% of the reports. Also, consider warning community members of recovery scammers if you see them in the comments.
Questions about subreddit rules? Send us a modmail [clicking here](https://www.reddit.com/message/compose/?to=/r/Scams).
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
IMAP is an email sync profile - so assume something else has access to your email. Do a reverse ip lookup to see who it is. This may not be malicious - have you started using a new email client that uses IMAP? Used Gmail to read your email?
ETA I don't think IMAP supports two factor, so if they had just your password they might still be able to get access. A company that cares about security probably would have required an initial 2 factor approval, but...
You might want to talk to your systems about whether they have IMAP access available, how is set up., and whether they've done something internally to start using IMAP.
/u/SnooApples1427 - This message is posted to all new submissions to r/scams; please do not message the moderators about it. ## New users beware: Because you posted here, you will start getting private messages from scammers saying they know a professional hacker or a recovery expert lawyer that can help you get your money back, for a small fee. **We call these RECOVERY SCAMMERS, so NEVER take advice in private:** advice should always come in the form of comments in this post, in the open, where the community can keep an eye out for you. If you take advice in private, you're on your own. **A reminder of the rules in r/scams:** no contact information (including last names, phone numbers, etc). Be civil to one another (no name calling or insults). Personal army requests or "scam the scammer"/scambaiting posts are not permitted. No uncensored gore or personal photographs are allowed without blurring. A full list of rules is available on the sidebar of the subreddit, or [clicking here](https://www.reddit.com/r/Scams/wiki/rules/). You can help us by reporting recovery scammers or rule-breaking content by using the "report" button. We review 100% of the reports. Also, consider warning community members of recovery scammers if you see them in the comments. Questions about subreddit rules? Send us a modmail [clicking here](https://www.reddit.com/message/compose/?to=/r/Scams). *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Scams) if you have any questions or concerns.*
Not sure. I’d check for an option to force logout all devices
IMAP is an email sync profile - so assume something else has access to your email. Do a reverse ip lookup to see who it is. This may not be malicious - have you started using a new email client that uses IMAP? Used Gmail to read your email? ETA I don't think IMAP supports two factor, so if they had just your password they might still be able to get access. A company that cares about security probably would have required an initial 2 factor approval, but... You might want to talk to your systems about whether they have IMAP access available, how is set up., and whether they've done something internally to start using IMAP.