Changing the password to a difficult one normally gets rid of a hijacker. But ones that purport (spoof) to come from an email address but are from somewhere else, usually a spammer, are more difficult. I have found the Hotmail, yahoo and to a much lesser extent gmail are prone to hijacks. I have 6 email addresses and have not found my domain one (similar to a business) to have been hijacked and have only had a small problem with a gmail one which was quickly sorted by a password change. I have not had any problems with the other but I am careful where I post email addresses. For surveys, etc it is useful to have a throwaway one.
Surface Pro (2017) vs Surface Pro 4