Cybersecurity 
Securing privileged accounts with FIDO2 security keys is the best way to protect them from internal and external threats because they offer enhanced security and convenience
8 min read
Published on January 04, 2024
If your online accounts keep getting hacked, you should scan your computer for malware, update your account passwords, enable MFA, check your account’s settings for suspicious changes, change your account’s security questions and place a fraud alert on your credit report.
Continue reading to learn the signs that point to your online account being hacked, steps to take when your account is hacked and how to prevent your account from being hacked again.
Signs Your Online Account Is Hacked
Here are some signs that point to your online account being hacked.
You can’t log in to your account
Being unable to log in to one of your online accounts is a sign that it might have been hacked. This is also known as an account takeover attack. When a cybercriminal hacks into your online account, one of the first things they will likely do is change your password so you’re locked out of your account and cannot kick them out of it.
If you know you’re entering the correct credentials for your online account but are unable to log in, your account has likely been hacked and your password has been changed.
Receiving notifications about login attempts or 2FA code requests
If you start receiving random notifications about unusual login attempts or you’re being sent 2FA codes you didn’t request, this means a cybercriminal is trying to hack into your online account. If you don’t notice these notifications right away, a cybercriminal may have already hacked into your online account.
Unusual transactions being made from your account
While storing credit card information in online accounts places you at a greater risk of credit card fraud, many people still choose to store their credit card information on retail websites. If you notice unusual transactions in your bank account, it’s likely that someone could have gotten a hold of your online account and is now using your stored credit card to make purchases without your knowledge or permission.
Changed account information
It’s important to always keep an eye on your account information to make sure none of it has been altered by someone else. If you suspect that one or multiple of your online accounts have been hacked, check your account information to see if any of your personal information has been changed. For example, check if your email address is still there and hasn’t been changed to someone else’s email address. Cybercriminals often swap out victim’s email addresses with theirs so they can have full control over your account and make it difficult for you to regain access to it.
6 Steps To Take if Your Accounts Keep Getting Hacked
If you find that your account keeps getting hacked, even after changing your password, here are some additional steps you should take.
Scan your computer for malware using antivirus software
It’s possible that a cybercriminal was able to hack your online account by installing malware on your computer. Malware is malicious software that can do different things based on the type of malware it is. For example, keyloggers, also known as keylogging software, can track your keystrokes to steal your passwords and other sensitive information you type on your computer.
To ensure that malware hasn’t been installed on your computer, install antivirus software. Antivirus software will scan your computer for different types of malware, and if it detects any, it’ll remove it for you. While most computers come with built-in antivirus software, third-party antivirus software offers additional protection against newer malware threats.
Update your account passwords to ones that are strong and unique
Changing your password by altering it slightly isn’t enough to prevent your account from being hacked again. To prevent your account from being hacked again, change your password to one that is strong and unique. We recommend using a password generator when creating passwords for each of your online accounts to ensure they always follow password best practices and aren’t easily guessable. If you’re worried about how you’re going to remember the passwords for each of your online accounts, consider investing in a password manager.
Enable MFA on each of your online accounts
Multi-Factor Authentication (MFA) is a security measure you can enable on most of your online accounts. With MFA enabled, in addition to your username and password, you would also have to provide an additional verification factor like a Time-based One-Time Password (TOTP) code from an authenticator application.
MFA is one of the most effective security precautions you can enable on your online accounts. A research report from Microsoft found that MFA prevents 99.9% of account compromise attacks – making it crucial to enable MFA whenever possible.
Double-check your account’s settings
As mentioned above, once a cybercriminal gains access to your online account they may alter your settings and personal information. Double-check that none of your settings have been changed to lessen the security of your account and to ensure none of your personal information has been altered. If you do notice any changes, change them back immediately before the cybercriminal can hack into your account again.
Change your account’s security questions
Some of your online accounts may have had you answer security questions in case you were to ever forget your credentials and they need to verify who you are. While security questions are a popular method for account recovery and multi-factor authentication, cybercriminals can attempt to guess them if you answered them correctly. This is due to your digital footprint. Your digital footprint encompasses the traces of data you intentionally and unintentionally leave behind while you’re on the internet. Your digital footprint includes the posts you make on your social media profiles plus the information that is collected about you on people search sites.
Your digital footprint is a goldmine for cybercriminals as it gives them insight into your personal life, especially if you’re someone who tends to overshare on their social media. To prevent cybercriminals from being able to answer your security questions, don’t answer them correctly, but make sure you’re able to remember your responses. As an example, say a security question is asking what your mother’s maiden name is. Rather than inputting your mother’s actual maiden name, input another name that you know you’ll be able to remember.
Place a fraud alert on your credit report
An additional security measure you should take – especially if your financial accounts have been hacked – is to place a fraud alert on your credit report. A fraud alert is a free notice that can be added to your credit report at any time. When a fraud alert is placed, it requires that your identity be verified before a loan can be taken out under your name.
Placing a fraud alert prevents anyone but you from being able to take out loans or open new credit accounts, which keeps your identity protected from theft.
How To Prevent Your Accounts From Being Hacked Again
To prevent your accounts from being hacked again, remember to never reuse passwords across multiple accounts, don’t insecurely share your passwords and learn how to spot phishing attempts.
Never reuse passwords or variations of the same password
The passwords created for your online accounts should never be reused and variations of the same password should never be used either. Reused passwords make your accounts more susceptible to being easily hacked. It can be difficult to remember passwords for several accounts, but a password manager can help.
A password manager is a tool that helps users create, manage and securely store their credentials. All a user needs to remember is a single password known as their master password. An added benefit to using a password manager is that it will also provide you with warnings if the passwords you’re using are considered weak or are being reused across multiple accounts.
Avoid insecurely sharing your passwords
Insecurely sharing passwords includes sharing passwords through text messages, messaging apps and email. These methods of sharing passwords are considered insecure because they can be easily intercepted by cybercriminals. Rather than insecurely sharing your passwords and placing your online accounts at risk of being hacked, share your passwords securely with the help of a password manager.
Some password managers like Keeper® don’t require that the recipient have a password manager account themselves. Keeper’s feature called One-Time Share allows you to securely share credentials and other sensitive information with anyone on a time-limited basis. One-Time Share even allows you to revoke access at any time, giving you full control over your data.
Learn how to spot phishing attempts
Phishing is a type of cyber threat that aims to get you to reveal sensitive information by pretending to be someone you know or a company you have an account with. Phishing is a common scam that cybercriminals use to get you to send them the logins to your online accounts. To prevent yourself from falling victim to a phishing attempt, you must learn the red flags that point to an email, text message or phone call being a phishing scam. Here are a few red flags to look out for.
- Receiving an unsolicited link or attachment and being urged to click it
- Being asked to provide sensitive information
- Getting told that if you don’t do what they say, you’ll face serious consequences
- An offer that seems too good to be true
- A warning from your email service provider saying “this message seems dangerous” or similar
Keep Your Accounts Safe From Malicious Hackers With Keeper®
With access to even one of your online accounts, hackers can cause a significant amount of damage which can result in financial loss and identity theft. One of the most important cybersecurity precautions you can take is securing your online accounts with strong passwords and enabling MFA whenever it’s an option.
A password manager like Keeper can help you secure your online accounts with both strong passwords and Two-Factor Authentication (2FA) by generating and storing them both in an encrypted digital vault.
Don’t let malicious hackers take over your accounts – start a free 30-trial of Keeper today to see just how simple it is to secure your online accounts.
