Help! My Account Has Been Hacked—What Should I Do?

ByEmily Dolloff

How would you realize that one or more of your Internet accounts—email, social media, financial—have been hacked? (Some prefer the terms “compromised” or “breached”—you may hear them from support techs.) Unfortunately, there’s no telltale warning sign because “hacked” could mean any number of things. Here are some possible indications:

  • People you trust report receiving email that you didn’t send.
  • Social media friend requests are made to people you don’t know, or messages you don’t recognize are sent from your account.
  • Although you’re certain you have the correct password, you can’t log in to an account.
  • You become aware of your personal data appearing in places it shouldn’t.
  • Unknown charges or transfers appear in a bank or credit card account.

However, attackers will also try to fool you into thinking an account has been compromised to get you to enter passwords or financial information on a website designed to steal data. Don’t assume you’ve been hacked just because you received a phishing email saying so or because you see unexpected notifications claiming your computer is infected. No legitimate entity will ever send such email, and the only notification about malware you should ever see would come from anti-malware software you installed.

(Speaking of malware, dealing with that is a topic for another day—we’re focusing on online accounts in this article. Nonetheless, if one of your accounts has been compromised, it’s also worth scanning your Mac with the free version of Malwarebytes or VirusBarrier Scanner, just in case.)

First off, don’t panic. It’s important to take a deep breath, document everything you see with screenshots (press Command-Shift-5), and move quickly to regain control over whatever accounts were hacked and prevent others from falling prey to the attacker.

When you suspect an account has been compromised, try to verify the problem. Do the following:

  • Alert techs: If the account in question is for work, immediately alert your IT department and follow their instructions. If it’s a personal account, contact us. Tell whoever is helping you that you have screenshots you can send and be ready to forward any suspicious messages you have as well.
  • Gather evidence: Ask the person who told you about the problem to forward the message they received to another of your email addresses, or to a close friend or family member so you can see what’s being said in your name. Scrutiny of the fake message may reveal information about what has happened, though you may need help from someone with more technical experience.
  • Examine email: Since email account breaches are the most concerning (because they can be used to reset passwords elsewhere), scan your email for messages you didn’t send or replies to such messages. Along with the Inbox, look in the Sent mailbox and the Trash. Also, check your settings and filters to ensure incoming messages aren’t being forwarded elsewhere and then deleted.
  • Check social media: Connect to all your social media accounts—even those you don’t use regularly—and look for posts, friend requests, messages, or anything else that suggests an attacker has been impersonating you.
  • Audit accounts: Log in to important accounts and look for suspicious activity, such as login attempts from unfamiliar locations or IP addresses or changes to account settings.

If you find evidence to suggest that one or more of your accounts have been compromised, follow these steps:

  • Immediately change the passwords for any affected accounts. We always recommend using a password manager like 1Password to generate strong, random passwords.
  • Whenever possible, turn on two-factor authentication.
  • If available for the account in question, follow advice from the service. Apple, Facebook, Google, Instagram, Microsoft, and Twitter all have advice on how to respond, as will many other companies.
  • Review account settings for unauthorized changes, especially recovery options like backup phone numbers and email addresses.
  • Look through your accounts in your password manager and change the passwords for the most important ones and any that might be related.
  • If you can’t get into an account because the password has been changed, make sure you have sole control of your email account and then trigger a password reset.
  • For affected financial accounts, along with changing the password, immediately call the institution and ask for their help locking the account to prevent any transfers.
  • If your email account was used to send phishing messages to contacts, you should alert any friends, family, and colleagues who might have received the messages that your account was hacked and that the previous message wasn’t from you.

Security breaches are stressful, we know, but it’s imperative that you deal with them right away. The longer you wait, the more damage the attacker can cause, including stealing your money, impersonating you, scamming your friends and family, and compromising your employer’s systems. We’re here to help.

(Featured image by iStock.com/PUGUN SJ)

Social Media: If you notice strange behavior in your online accounts, you might have been hacked. It’s imperative that you act immediately to verify the breach, change passwords, lock accounts, and alert support personnel. We provide steps here.

Similar Posts

  • My visiting family went out dolphin watching today taking advantage of the sunny day. The dogs and I are hanging out at my home office and I am listening to some Eagles music as I work.

    Thank you for reading this issue of Kibbles & Bytes!

    _Don, Dean, Emily & Scott_

  • The Little Guy(s)

    You know I am a rabid Boston Celtics fan, and I have been since I was a child listening to games on my transistor radio, searching for the gravely voice of Johnny Most. These days our All-Star and team leader is Isiah Thomas who NBA hall of famer, Tommy Heinsohn, always refers to as the “little guy”. We have been thinking of changing our dog, Max’s name to the little guy as a result.

    It was little iPhone and little iPad Pro day at the Apple event. Apple introduced the 4-inch iPhone SE and the iPad Pro 9.7-inch tablet. In other hardware announcements, there were new watch bands for the Apple Watch and a new Lightning to USB 3 camera adapter. The original iPad Air is now discontinued and the iPad Air 2 with a more limited selection becomes the entry-level 9.7-inch iPad.

    I have gotten used to the size of my iPhone 6 but there are many people that want a smaller iPhone. Having a big iPhone 6 or 6+ sticking out of your back pocket is an invitation to theft and they do get a big bulky in the front pocket of your jeans. The iPhone SE uses the iPhone 5 form factor, with a 4-inch screen and aluminum case. The iPhone SE is not crimping on power though, as it meets almost all of the specifications of the iPhone 6s. It fails to match up to the current iPhone lineup only in the lack of the 3D Touch technology, the Taptic Engine that provides feedback you can feel, and slower wireless networking. It’s either $399 or $499, with 16 GB or 64 GB of storage, and comes in the same four colors, Silver, Space Gray, Gold and Rose Gold. We have found that most cases for the iPhone 5 should work with the iPhone SE. These are shipping on March 31.

    p{text-align: center;}. !http://blog.smalldog.com/images/4692.png!

    The 12.9-inch iPad Pro, introduced last year with the Apple Pencil and Smart Keyboard, has enjoyed some moderate acceptance as a productivity device. I can see how for some, it might be their only device. And for artists, architects and others the iPad Pro is a digital drawing board like no other. But it is 12.9 inches and that is just a bit large for some. Apple introduced the 9.7-inch iPad Pro to meet this need, which meets or exceeds many of the larger model’s specs.

    For instance, the smaller model’s screen can display more colors and adjusts its white balance to match the ambient light in the room. Its cameras are notably better — the rear camera is 12 megapixels instead of 8 and has a True Tone flash, while the front camera is 5 megapixels instead of 1.2 and can use the screen as a flash. Plus, the new iPad Pro can record 4K video instead of just 1080p. I assume we will see these upgrades to the 12.9 inch iPad Pro in the future but the smaller version is a powerhouse.

    The 9.7-inch iPad Pro’s A9X chip is somewhat slower, it has half the RAM, and its Lightning port transfers data at only USB 2 speeds. But if the size is right for you, prices start at $599 for 32 GB of storage and go up to $899 for 256 GB. It will be shipping on March 31 in four colors: silver, gold, space gray, and rose gold. Cases and accessories designed to fit the iPad Air 2 should work with the 9.7-inch iPad Pro. We have our orders in with Apple and should have stock by the launch date. I think this new iPad Pro is going to be the iPad of choice for a lot of people.

    p{text-align: center;}. !http://blog.smalldog.com/images/4689.png!

    Apple also introduced the $39 Lightning to USB3 camera adapter. It is much more than a camera adapter though and opens the Lightning port to a lot of USB devices. With the Lightning to USB 3 Camera Adapter, it’s easy to transfer photos and videos from your high-resolution digital camera to your iPad Pro.
    If you connect with a USB Power Adapter, you can connect USB peripherals like hubs, ethernet adapters, audio/MIDI interfaces, and card readers for CompactFlash, SD, microSD, and more. This is a new and important step by Apple in making the Lightning port much more versatile.