Help! My Account Has Been Hacked—What Should I Do?

ByEmily Dolloff

How would you realize that one or more of your Internet accounts—email, social media, financial—have been hacked? (Some prefer the terms “compromised” or “breached”—you may hear them from support techs.) Unfortunately, there’s no telltale warning sign because “hacked” could mean any number of things. Here are some possible indications:

  • People you trust report receiving email that you didn’t send.
  • Social media friend requests are made to people you don’t know, or messages you don’t recognize are sent from your account.
  • Although you’re certain you have the correct password, you can’t log in to an account.
  • You become aware of your personal data appearing in places it shouldn’t.
  • Unknown charges or transfers appear in a bank or credit card account.

However, attackers will also try to fool you into thinking an account has been compromised to get you to enter passwords or financial information on a website designed to steal data. Don’t assume you’ve been hacked just because you received a phishing email saying so or because you see unexpected notifications claiming your computer is infected. No legitimate entity will ever send such email, and the only notification about malware you should ever see would come from anti-malware software you installed.

(Speaking of malware, dealing with that is a topic for another day—we’re focusing on online accounts in this article. Nonetheless, if one of your accounts has been compromised, it’s also worth scanning your Mac with the free version of Malwarebytes or VirusBarrier Scanner, just in case.)

First off, don’t panic. It’s important to take a deep breath, document everything you see with screenshots (press Command-Shift-5), and move quickly to regain control over whatever accounts were hacked and prevent others from falling prey to the attacker.

When you suspect an account has been compromised, try to verify the problem. Do the following:

  • Alert techs: If the account in question is for work, immediately alert your IT department and follow their instructions. If it’s a personal account, contact us. Tell whoever is helping you that you have screenshots you can send and be ready to forward any suspicious messages you have as well.
  • Gather evidence: Ask the person who told you about the problem to forward the message they received to another of your email addresses, or to a close friend or family member so you can see what’s being said in your name. Scrutiny of the fake message may reveal information about what has happened, though you may need help from someone with more technical experience.
  • Examine email: Since email account breaches are the most concerning (because they can be used to reset passwords elsewhere), scan your email for messages you didn’t send or replies to such messages. Along with the Inbox, look in the Sent mailbox and the Trash. Also, check your settings and filters to ensure incoming messages aren’t being forwarded elsewhere and then deleted.
  • Check social media: Connect to all your social media accounts—even those you don’t use regularly—and look for posts, friend requests, messages, or anything else that suggests an attacker has been impersonating you.
  • Audit accounts: Log in to important accounts and look for suspicious activity, such as login attempts from unfamiliar locations or IP addresses or changes to account settings.

If you find evidence to suggest that one or more of your accounts have been compromised, follow these steps:

  • Immediately change the passwords for any affected accounts. We always recommend using a password manager like 1Password to generate strong, random passwords.
  • Whenever possible, turn on two-factor authentication.
  • If available for the account in question, follow advice from the service. Apple, Facebook, Google, Instagram, Microsoft, and Twitter all have advice on how to respond, as will many other companies.
  • Review account settings for unauthorized changes, especially recovery options like backup phone numbers and email addresses.
  • Look through your accounts in your password manager and change the passwords for the most important ones and any that might be related.
  • If you can’t get into an account because the password has been changed, make sure you have sole control of your email account and then trigger a password reset.
  • For affected financial accounts, along with changing the password, immediately call the institution and ask for their help locking the account to prevent any transfers.
  • If your email account was used to send phishing messages to contacts, you should alert any friends, family, and colleagues who might have received the messages that your account was hacked and that the previous message wasn’t from you.

Security breaches are stressful, we know, but it’s imperative that you deal with them right away. The longer you wait, the more damage the attacker can cause, including stealing your money, impersonating you, scamming your friends and family, and compromising your employer’s systems. We’re here to help.

(Featured image by iStock.com/PUGUN SJ)

Social Media: If you notice strange behavior in your online accounts, you might have been hacked. It’s imperative that you act immediately to verify the breach, change passwords, lock accounts, and alert support personnel. We provide steps here.

Similar Posts

  • The Best Apple-Related Gifts for 2021

    It may seem early to start thinking about the holiday shopping season, but with the global supply chain suffering pandemic-related slowdowns, there’s no…

  • Get yourself some Dux

    What is a Dux you ask? Dux is a really great product line from STM and one that we are really excited to begin carrying here at Small Dog. This product line up has cases for your iPad and your computer and for the last week or so I have been testing out the Dux case for Macbook Air.

    My first impression is that it gives my computer a sharp new look. I feel as though my computer is highlighted more in this case. It features a primarily clear case and then a border that comes in an assortment of colors. The one I am using is black and it really looks sharp and sleek on the computer.

    I will be the first to admit that I am not a huge fan of hardshell cases for computers. They do add weight to your computer and they can be hard to put on and take off. However, this case did stand out to me as soon as I saw it and I immediately asked for a sample so that I could test it out. It’s the reinforced border that caught my eye. The plastic is slightly different from that of the clear case and really gives you a feeling of protection for your computer.

    Customers ask me all the time why someone might want a hard shell case, it’s a combination of accessorizing and protection. Hard shell cases are great for those who might like to sticker their computers. You can sticker all you want on a removable case and not damage your computer. For people who bring their computers everywhere it’s a great way to protect them from the dings and scratches that can happen just by pulling your computer in and out, especially those whom might fly a lot. One piece of advice I will give users of hardshell cases is that you still need to remove them! The idea and concept of hard shell cases is to provide added protection to your computer, to keep it looking like new under the case. However, if you don’t remove the case from time to time and clean the case and computer from dust and debris your computer will still get scratches. I have seen countless computers get just as scratched up with these kinds of cases than those without and the cause is always the same: dirt build up. This particular case comes on and off much easier than some others on the market making my recommended occasional cleanings much easier to perform. After all you’ve probably purchased a hard shell case to keep your computer looking new.

    Overall I am very happy with this case, but the biggest test is yet to come. I am flying to Arizona next week for an event with one of our vendors, and I’ll be keeping this case on my computer for my travels. The real test will be if I notice the added weight while making my way through airports, so far I haven’t really noticed the increased weight in my daily travels.

    P.S. Hadley, even if it means burpees and laps in an airport terminal I plan to maintain my lead in our competition. It’s ON!

  • Businesses, Don’t Overlook Email Backup

    Cloud-based email services such as Google Workspace and Microsoft 365 dominate the market for organizational email for good reason. Dealing with the constant…