A compromised account is an account with login details known by one or more unauthorized individuals. For example, if someone were to guess the username and password for one of your accounts, it would be compromised. It you use the same password for multiple accounts, they are all compromised as well.
How do accounts become compromised?
Below are a few ways an account could become compromised.
- Easy-to-guess username and password.
- Same password was used with another site that was hacked.
- Sharing account information with friends who then may share your account with their friends.
- Social engineering.
- Site or database storing usernames and passwords in plain text (not encrypted) is hacked.
- Data was intercepted over a non-secure Wi-Fi network.
What happens if an account is compromised?
Once an account becomes compromised, the person who gained access can now do anything you can do with it. For example, that individual might:
- Change the password to something only they know, locking you out of your account.
- Change the e-mail address and address on your account, then purchase products using a credit card that's on file in your account without you knowing.
- Use a service for free that you pay to use.
- Access sensitive or private information stored on your account.
- Send messages or distribute spam.
- Steal virtual goods from your account and transfer them to other accounts.
- Use your account for identity theft or social engineering to trick others into thinking they're you.
- Delete your account.
How do I know if my account is compromised?
Unfortunately, it's difficult for anyone that's not a computer security expert to know when your account is compromised. Therefore, taking precautionary steps can be beneficial. If you're concerned, try the following suggestions:
- Change your password to a unique password that you've never used.
- Enable 2FA (two-factor authentication), if available.
- If the site has security questions, change them.
- If you are using the same password with any other online accounts, change the password on those other accounts.
- Make sure your e-mail is secure with a strong password and 2FA enabled.
- Scan your computer for malware.