If you believe that one or more of your Internet accounts—email, social, financial—has been hacked (also known as compromised or breached), here are some possible indications to confirm your suspicions:
- People you trust report receiving email messages that you did not send.
- Social media friend requests are made to people you do not know. Or, messages you do not recognize are sent from your account.
- Although you are certain you have the correct password, you cannot log in to an account.
- You discover your personal data appearing in places it should not.
- Unknown charges or transfers appear in a bank or credit card account.
Attackers will also try to fool you into thinking an account has been compromised, thereby tricking you to enter passwords or financial information on a website designed to steal data. Remember that no legitimate entity will ever send an email saying you have been hacked, and the only malware notifications you should see will come from the anti-malware software you installed. (While this article focuses on online accounts and not malware, if one of your accounts has been compromised, it is worth scanning your computer with the free version of Malwarebytes or VirusBarrier Scanner, to be safe.)
When you suspect an account has been compromised, document everything you see with screenshots (Command-Shift-5) and move quickly to regain control over the accounts that were potentially hacked and to prevent others from possibly falling prey to the attacker. Try to verify the problem by:
- Alerting techs. Immediately alert us and be prepared to send us your screenshots and forward us any suspicious messages you have.
- Gathering evidence. Ask the person who told you about the problem to forward the message he or she received to one of your other email addresses, or to a close friend or family member, for scrutiny.
- Examining email. Scan your email Inbox, Sent folder, and Trash for messages you did not send. Also check your settings and filters to ensure incoming messages are not being forwarded elsewhere and then deleted.
- Checking social media. Connect to your social media accounts—even those you do not regularly use—and look for signs that suggest an attacker has been impersonating you, such as posts, messages, or friend requests.
- Auditing accounts. Log in to important accounts and look for suspicious activity, such as changes to accounts settings or login attempts from unfamiliar locations or IP addresses.
If you find evidence that one or more of your accounts has indeed been compromised, follow these steps:
- Immediately change the passwords for any affected accounts and whenever possible, turn on two-factor authentication. If you cannot get into an account because the password has been changed, ensure you have sole control of your email account and then trigger a password reset.
- Look through your accounts in your password manager and change passwords for the most important ones and for any accounts that may be related to the breach.
- Follow advice from the service of the account in question.
- Review account settings for unauthorized charges, especially recovery options like backup phone numbers and email addresses.
- For affected financial accounts, call the institution and ask them to lock the account to prevent any transfers.
- If your email account was used to send phishing messages, alert any contacts who might have received the messages about the hacking.
Although security breaches are stressful, dealing with them right away prevents the attacker from causing more damage. And remember, MC Services is here to help!
(Featured image by iStock.com/PUGUN SJ)
