Move quickly!
Hacking can happen to any account, and it seems like we have more online accounts than ever; therefore, it's possible you could get hacked. If you suspect you have been, try not to panic. It never helps. So take a deep breath and work through the steps below as calmly and as soon as possible.
If you suspect your account has been hacked, the basic steps are:
- Recover access
- Change the password
- Update account recovery information
- Learn from the experience
- Get help if you need it
While the steps are generally the same, I have a couple of articles on specific services or situations that might apply. If your situation falls into one of those categories, those articles may have more specific information for you.
- Facebook Hacked? What You Need to Do NOW!
- My Email Is Hacked, How Do I Fix It? – 7 Things You Need to Do NOW!
1. Recover your account
Sign in to your account right away. If you can, go to step 2.
If you can't, even though you know you're using the correct password, then your password has probably been changed by the hacker.
Most services will include a "Forgot password?" or similar link on their sign-in page. Click on that link and follow the instructions.
Important: follow those instructions carefully and completely. Examine all available recovery options along the way. Many people give up after one attempt, having overlooked the fact that there may be additional recovery options.
If none of the available techniques work, then it's time to reach out to the support or customer service options for the service in question. This may not be an option for all accounts, particularly free accounts.
If you cannot recover access to your account, it is now the hacker's account. Unless you backed it up, everything in it is gone forever, and you can skip the next two items. You'll need to set up a new account from scratch.
2. Change your password
When you regain access to your account, or if you never lost it, immediately change your password. You may not need to, but then again, the hacker may know it. Better to be safe and change it as soon as you can.
As always, make sure it's a good password: easy to remember, difficult to guess, and long. In fact, the longer the better, within the service's limits.
But don't stop. Changing your password is not enough.
3. Change (or set) your recovery information
While the hacker has access to your account, they may elect to leave your password alone. That way, you may not notice the hack for a while longer.
If the account includes recovery information -- the information you'd use in step 1 above to regain access to your account -- hackers often change it all. The reason is simple: when you finally get around to changing your password, the hacker can follow the "I forgot my password" steps and reset the password out from underneath you and hack your account again, using the recovery information they set.
Check all your account recovery information.
Check the email address(es) associated with the account. Remove any you don't recognize or no longer have access to. Make sure they all belong to you and that you can access those accounts.
Check any phone number(s) associated with the account. Remove any you don't recognize and make sure that any phone number listed is yours and no one else's.
Overlooking information entered for account recovery could allow the hacker to hack back in. And, of course, setting no recovery information dramatically lessens the chances of recovering a hacked account. Take the time to carefully review and/or set up this information, now.
4. Learn from the experience
One of the most important lessons to learn from this experience is to consider all the ways your account could have been hacked, and take steps to protect yourself from it happening again.
- Use long passwords that can't be guessed. Use a password vault so you can use secure passwords.
- Set and keep all recovery information associated with the account up to date.
- Don't share your password with anyone.
- Don't fall for phishing attempts. If they ask for your password, they are bogus.
- Don't click links in email or private messages you aren't 100% certain of. Many phishing attempts lead you to bogus sites that ask you to log in and steal your password when you try.
- If you're using WiFi hotspots, learn to use them safely.
- Keep the operating system and other software on your machine up to date, and run up-to-date anti-malware tools.
- Learn to use the internet safely.
- Consider enabling two-factor authentication, in which simply knowing the password is not enough to gain access.
If you are fortunate enough to identify exactly how your password was compromised (and that isn't common), take measures so it never happens again.
5. If you're not sure, get help
If you're having difficulty with the process, ask for help. Perhaps the service has support, perhaps they have a peer-to-peer discussion forum, perhaps you have a trusted techie friend.
While you're at it, find someone who can help you set up a more secure system for your account, following the steps above.
You and I are responsible for our own security. That means taking the time to learn and set things up securely. Yes, additional security can be seen as an inconvenience. Dealing with a hacked account is significantly more than inconvenient.
It's worth the trouble to do things right in the first place.
If that's still too much ... well ... expect your account to get hacked again.
Do this
Regain access to your account if you can. Once you have, or once you've set up a new replacement account, make sure to secure it properly.
Fine article Leo — as always — but I object to the title:
“What to Do When Your Account Is Hacked”
…makes it sound as though your account getting hacked is inevitable. Now I know things these days are bad, but on the terrible day that the hacking of everyone’s account becomes inevitable, I’m giving up on security — and on the Internet as well — as a totally lost cause, for good and all.
Please change that “When” to an “If”!
Thank you. :)
Nope. I want people to pay attention. “If” allows people to say “it won’t happen to me”. Those are exactly the people it will happen to.
Leo,
Even more important is the fact that account hacks are becoming more common, AND sophisticated, daily. The question really is when, not if, our accounts will be hacked. The single most important thing any of us can do to limit the damage of having an account hacked is to prepare for the eventuality as if it is a certainty. As I see it, there is no way to stop dedicated intruders. What we CAN do is make it as hard as possible for them in the hope that they will move on to easier targets.
My2Cents,
Ernie
I have 3 or 4 recovery emails set up for each of my accounts. That gives me more recovery options in case of a hack. It’s not perfect. Nothing is, but it gives you more options to recover the accounts.
It’s essential to make sure you have access to your recovery email accounts and phone numbers. That’s why I use several. In case one fails, I have others to fall back on.