In this article:
In this article:
As soon as you see signs that your accounts or devices have been hacked, act quickly to remove malware, regain access, and minimize the damage.
As soon as you see signs that your accounts or devices have been hacked, act quickly to remove malware, regain access, and minimize the damage.
In this article:
In this article:
The signs of a hack can be immediate and obvious — such as being locked out of an account, or getting notified about a suspicious password reset request; or the signs can be more subtle and hard to spot — like discovering small yet unauthorized charges on your credit card, or noticing slight changes to your device’s look and performance.
Hackers can find stolen credentials in data breaches, prompt you to click on links in phishing emails, or trick you into downloading malware.
The unfortunate truth is that how you got hacked is less important than what you do once you’ve become a victim.
Regardless of whether you think or know you’ve been hacked, your response should be the same: act quickly to secure your accounts and prevent hackers from accessing your devices, data, and financial accounts.
Before you try to recover a hacked account, make sure you haven’t accidentally downloaded malware onto your device. Hackers use malicious software to give them “backdoor access” to your laptop, iPhone, or Android device. If you don’t remove malware, it puts you at risk of being continually hacked.
You can try to manually remove malware from your computer or Android or iOS mobile device, but a better option is to download antivirus software.
Which antivirus software can you trust? Typically, you want to avoid free antivirus software, as it likely won’t offer much more security than your device’s built-in protection. Instead, sign up for Aura for as little as $3/month to get access to a full suite of digital security tools, including advanced antivirus software.
Once you’ve cleared any malware from your device, it’s time to regain control of hacked accounts. Most hackers use leaked login credentials to gain access to their victims’ accounts. This can be especially dangerous if they access sensitive information — such as work, email, or online banking accounts.
As soon as you’re locked out of an account or see suspicious activity, follow the service’s step-by-step instructions on how to regain access.
Here are the account recovery processes for some of the most commonly used services:
Note: Every service has its own process for securing a compromised account. If you don’t see the one you’re looking for in the list above, you can search online for: “how to secure a hacked or compromised [service name] account” to find the exact steps you need to take.
Even if your account wasn’t fully hacked, take the opportunity to update your passwords and security questions, and enable additional account safety measures, such as 2FA.
📚 Related: Here’s What To Do After a Data Breach →
Your digital life is most likely interconnected — with multiple services using the same login information, third-party logins (such as “Sign in with Google” or your Facebook account), and even linked credit card details.
After a hack, you need to untangle these connections to ensure that hackers can’t gain deeper access to your data or financial information.
If you suspect hackers have access to your bank account or government benefits, contact each impacted company to let them know you’re a victim of fraud.
In many cases when you’ve lost money, the sooner you report the fraud, the better chance you’ll have of recovering stolen funds. For example, the Fair Credit Billing Act (FCBA) limits consumer liability for credit card fraud to $50 in most cases — as long as you report the fraud in a timely manner.
If your device has been hacked, it could infect other devices connected to the same network. As soon as you see signs of a hack, take your devices offline to minimize damage — either by disconnecting from your Wi-Fi network or by unplugging your device’s ethernet cable (or both).
📚 Related: How To Tell If Your Wi-Fi Is Hacked (And How To Fix It) →
Hackers can use your stolen information to take out credit cards and loans or open new accounts in your name — and ruin your credit score. A credit freeze prevents scammers from accessing your credit file, therefore stopping most attempts to take out credit in your name.
To freeze your credit, contact each of the three major credit bureaus individually — Experian, Equifax, and TransUnion:
What if you can’t freeze your credit? If you’re going to be applying for credit soon (such as for a mortgage or auto loan), you won’t be able to freeze your credit. Instead, ask for a fraud alert. This is a flag on your credit report that tells lenders to take extra steps to verify your identity. It’s not as secure as a credit freeze, but it can still help you protect your credit in the short term.
Hackers may use your hacked accounts to send your contacts scam messages, links, or attachments that infect their devices with malware. If you’ve been hacked, it’s a good idea to reach out to friends and family and tell them to check with you directly about any strange or suspicious messages coming from your accounts.
If you’ve followed the steps above and are still having problems with your accounts and devices, you may be dealing with persistent malware. This type of malicious software is designed to live deeply inside your device’s operating system, often requiring a full factory reset and OS reinstall to completely remove it.
Here’s how to perform a factory reset on both macOS and Windows devices.
Note: This step will delete all files, downloaded apps, and settings on your device (and still might not remove all viruses). Ensure that you have a secure backup to restore your data before doing a factory reset.
The full impact of a hack might not be apparent until weeks or months later. Continue to monitor your accounts for unusual activity, such as:
There are several resources that can help if you’ve been hacked — but the person or organization that you should contact depends on what was compromised and the extent of the damage.
After you’ve secured your hacked accounts, it’s time to make sure that you can’t get hacked again.
Here are some of the best ways to protect your accounts from common cyberattacks and online threats:
Outdated apps and operating systems often contain vulnerabilities that hackers can exploit. Don’t ignore software software updates — as soon as you receive an alert, follow through with it. Even better, set up auto-updates to keep your devices safe (without requiring any effort on your part).
Hackers use your social media accounts, search history, and other information they find about you online to hack you. Update your social media privacy settings to only allow close friends and contacts to view your profile. Then, remove any identifying information — such as addresses, phone numbers, and location data from old posts.
Passwords are often your first line of defense against hackers. Create unique passwords for each of your accounts, and enable two-factor authentication (2FA) whenever possible.
Compromised networks and routers give hackers easy access to the devices connected to them. Secure your home network by keeping your router’s firmware up to date and deactivating the remote administration option.
Anytime you log in to your accounts by using a public Wi-Fi network — especially sensitive accounts like banking — your information is at risk of being intercepted. Installing a virtual private network (VPN) — such as the one that’s included with Aura plans — prevents criminals from being able to see your browsing activity and sensitive information, including account passwords.
Opening spam emails gives fraudsters and hackers more information about you than you realize. Mark suspicious emails and SMS text messages as spam, and immediately delete them without opening. Never click on a link or download an attachment from a contact you don’t recognize.
Opt for “virtual cards” that encrypt your credit card data so that if you get hacked, scammers won’t be able to access your actual card information or funds. Virtual cards can be easily blocked or discarded in the event they become compromised, which is much more convenient than waiting for new physical cards to be mailed.
An email alias is a secondary email address that routes mail into your primary inbox. If your email alias is ever compromised, you can simply remove it from your account and create a new alias.
Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.