What should I do if I've been hacked?
If you believe you have been hacked or the company that is hosting your account was hacked, the most important thing to do is change your passwords.
Reset your passwords
Your account details are what most hackers want. If you cannot log into your account, try resetting your password. If resetting your password or the e-mail address associated with the account no longer work, look for an account recovery option. If all these options fail, you must contact the company directly to have them intervene.
When changing your password, keep the considerations below in mind:
- Make your passwords more complex; add numbers and symbols to them. Passwords like 1234, password, etc. are easy to guess.
- Don't use passwords that you've used in the past.
If you are using the same password for other accounts (which is not advised), you will need to change your other account passwords to be something different. Once a hacker determines your username and password, that information is can be used to compromise other accounts.
If you have a difficult time remembering all your passwords, use a password manager to store them safely.
If two-factor authentication is available, we highly recommend using it.
Check your machine
Make sure to scan your computer for any spyware and malware that may be stealing your account details or logging your keystrokes. If malware is found on your computer, you may want to reset your account passwords again, as infections may have logged your new password.
Verify account details
After you've changed your passwords, ensure that any shipping information is still your address.
If the account authorizes any third-party programs or apps (e.g., Facebook and Twitter), make sure they don't have rights you have not granted. Our best advice is to delete any app you are unfamiliar with or do not remember installing.
Let your other contacts know about the hack
If your e-mail account or any account with contacts is hacked, let your contacts know. Hackers often gain access to other accounts by using affiliated accounts since people are not as suspicious of e-mails coming from someone they know.
Verify past posts
If your social network (e.g., Google+, Twitter, or Facebook) was hacked, make sure there are no posts or messages that have been made on your behalf. Social network accounts are hacked to help spread spam, malware, and advertisements.
New accounts setup
If a hacker gains access to your e-mail, they often use it to set up new accounts. Check your inbox, sent items, and trash for any notifications that a new account was created using your e-mail address. If new accounts have been created, you can try logging into them by using the reset password feature and then delete the account.