The first thing to do after realizing you’ve been hacked is to secure your accounts by immediately changing all of your passwords and enabling Multi-Factor Authentication (MFA). You should also scan your device with antivirus software, secure your home WiFi network and reset your device.
Read on to learn ten steps you should take after discovering you’ve been hacked and the telltale signs that you’ve been hacked.
1. Quickly Change Your Passwords
The first step you should take after discovering you’ve been hacked is to immediately change all of your passwords. You can change all of your passwords quickly by using a password manager. A password manager is a tool that helps users generate, manage and securely store passwords in an encrypted digital vault that is protected with one strong master password. The master password is the only password users have to remember.
If your device is hacked, it’s important to change your passwords from a separate device that was not affected by the hack and is not connected to the same network as the hacked device. A hacked device is likely infected with malicious software known as malware, which can spread to other devices connected to the same network. Cybercriminals use malware to spy on you and collect sensitive data that they can use in other cyber attacks, like stealing your identity or committing credit card fraud.
2. Enable Multi-Factor Authentication
MFA is a layered approach to security for your online accounts. Instead of only having to enter a username and password when logging into an account, you would also have to provide one or more additional authentication factors. Some common authentication factors include biometric authentication, like a fingerprint or face recognition, and Time-based One-Time Passwords (TOTP) from an authenticator app.
Enabling MFA on your online accounts after discovering one of your accounts has been hacked will prevent the cybercriminal from being able to hack into your other accounts as well. It’s a cybersecurity best practice to always have MFA enabled on your online accounts, whenever possible.
3. Scan Your Device With Antivirus Software
Antivirus software is a program you install on your device that scans for malware and other viruses, and then removes them. If a cybercriminal has hacked your device, there’s a possibility that they may have installed malware without you knowing. If you’ve discovered that your device has been hacked, use antivirus software to scan it and remove any malware or viruses it detects. It’s important to note that if it’s a newer type of virus or malware, the antivirus software may not be able to detect and remove it.
4. Secure Your Home WiFi Network
If a cybercriminal is able to successfully hack your device, they may also attempt to hack your home WiFi network. To prevent this from happening, immediately disconnect your hacked device from the internet. This can prevent your home network and any devices connected to it from being compromised too.
5. Reset Your Device
Even after running antivirus software on your infected device, the virus may still be present. This is usually due to malware known as “persistent malware.” This type of malware is designed to run deep in your device’s Operating System (OS), making it more difficult to get rid of. You’ll need to factory reset your device to completely remove it.
6. Warn Your Contacts
It’s possible that after hacking your device or account, the hacker will be able to send messages to your contacts. For example, if a cybercriminal has breached your email account, they can send phishing emails to your contacts pretending to be you. Or if a bad actor has hacked your Instagram account, they can send messages to your followers.
As soon as you notice that one of your accounts has been hacked, notify your contacts right away. Doing this will let your contacts know to ignore any messages that come from your account. Make sure to let your contacts know that they shouldn’t click on any links or attachments that are sent to them, because doing so could lead to them being hacked as well.
7. Lock Your SIM card
Some hackers will go so far as to contact your phone provider and get them to switch your phone number to a new SIM card. This is also known as SIM swapping. When you are a victim of SIM swapping, the hacker who was able to swap out your SIM will start receiving all of your incoming texts and phone calls, and you’ll lose service on your phone. This is dangerous because they can use it to trick your contacts into providing them with sensitive information.
If you’ve discovered that any of your online accounts or devices are hacked, lock your SIM card immediately. You can lock your SIM card by contacting your mobile carrier and asking them to lock it. Your mobile carrier will give you a PIN or security question that you’ll have to provide if you ever want to switch your SIM card to a new device.
8. Freeze Your Credit
One hacked account or device can expose a great amount of your sensitive information to the cybercriminal who hacked it. Depending on the information the hacker can gather, they could use it to steal your identity and even take out loans under your name.
A crucial step to prevent this from happening is freezing your credit as soon as you’ve discovered that you’ve been hacked. You can do this by contacting each of the three credit bureaus, which are Experian, TransUnion and Equifax. To freeze your credit successfully, you’ll need to contact each bureau separately.
You can lift the credit freeze whenever you’d like. You’ll just need to verify that you are who you say you are as a security precaution.
9. Subscribe to a Dark Web Monitoring Service
In addition to taking the above steps, we also strongly recommend subscribing to a dark web monitoring service. These tools can help you monitor if any of your personal information, such as your account credentials, ends up being published on the dark web. Most password managers offer dark web monitoring as an add-on and will notify you as soon as they find your email, username or passwords on the dark web. This enables you to take action by updating your credentials immediately.
10. Contact the Company Through Which Your Account Was Hacked
If you can’t seem to regain access to one of your hacked accounts, contact the company with which you made the account. They may be able to assist you in getting your account back, but if not, you’ll likely need to create a new one.
How Do I Know if I’ve Been Hacked?
Here are some telltale signs that you’ve been hacked.
- Receiving password reset emails or 2FA codes you didn’t request: When someone is attempting to hack into your account, you’ll start receiving password reset emails and 2FA codes that you didn’t request. It’s important that when you receive these notifications, you take action to secure your account right away.
- Not being able to log in to your accounts: If you’re unable to log in to your account and know that you’re entering the correct credentials, it’s likely that someone has hacked into your account and changed your password.
- Unusual transactions on your credit card or bank statements: Another sign of being hacked is seeing transactions you didn’t make on your credit card and bank statements. You must let your bank or credit card issuer know right away so they can cancel your card and prevent the threat actor from making any more purchases.
- Your contacts are saying you’ve sent them strange messages: If you start receiving messages from your contacts saying that you’ve sent them strange messages, one or more of your accounts has likely been hacked. If this is the case, ask your contact where they received a message so you know which account of yours is hacked.
- Your device’s camera indicator light is on: When a cybercriminal hacks your device, they often install spyware on it so they can see your device’s screen and gain access to your camera and microphone. Spyware is often disguised as a legitimate-looking app or software. If you notice that your device’s camera indicator light is on when you’re not using the camera, it’s very likely that your device is hacked and has spyware installed on it.
- Slow device or network connection: When devices are hacked, the malware or virus on the device can cause it to run slower than usual because it’s running in the background. Apart from your device running slower, you may also notice that it’s hot and the battery is draining faster than normal.
Protect Yourself and Your Data From Malicious Hackers
Having your devices and online accounts hacked can cause a lot of damage that is difficult to recover from, especially if it leads to your identity being stolen. You must protect your devices and accounts from being hacked by following cybersecurity best practices such as the following:
- Use a password manager to create and store your passwords
- Enable MFA on all of your online accounts
- Only download apps and software from trusted sources
- Don’t click unsolicited links and attachments
- Keep your SIM card locked at all times
The better your cyber hygiene is, the less likely you are to be hacked. Improve your cyber hygiene today by starting a free 30-day trial of Keeper Password Manager so you can begin securing your online accounts.