What should you do if you think you have been hacked? Is there a new big site that has been hacked in the news? Not a surprise. What about those small sites that don’t even know they have been hacked that never make the news? Is something strange going on with one of your accounts?
First and foremost, change your passwords. If you use the same password for your e-mail as your hacked account, change it immediately before you doing anything else. You should use different passwords for different accounts. Especially your e-mail account!
How do you know?
Check your account activity. Does your account say you have done something or purchased something that you know you did not? Has your contact information or any other settings been altered in any way?
Check your inbox and deleted items. Have you signed up for new services that you don’t remember signing up for?
Is your computer or device running slower than usual or behaving in odd ways? Use a malware scanner and virus scanner to check your devices thoroughly.
These could all be signs that you have been hacked. Even if these don’t appear in your accounts or computer, but you know you logged into one of those big sites in the news, reset your passwords anyway.
Reset your passwords
Make sure you use different complex passwords at each site. Especially your e-mail account! Did I type that already? Of course, I did! It is important. One of the easiest ways to keep track of and generate complex passwords is with a password manager. Check our password manager article out here. Password managers like LastPass can be integrated into your workplace. I still love LastPass and even use it on my phone now. If you used unique complex passwords at all your sites, you would only have to worry about the hacked one.
Use two-factor (2FA) authentication whenever possible. You should be thinking about your email here! Most of the big free email providers offer some level of 2FA. Also, consider using biometrics to ease the pain of entering passwords.
If it is too late and someone else changed your passwords, most of the major services have a system to recover your accounts. Rember that part about 2FA and using a different password for your e-mail? Well here is where it can really help since most of these services send a link to your email.
Let other people know
You should let your contacts know you think you have been hacked. One the way hackers attempt to use your hacked accounts is by sending messages or e-mails to people that trust you. They are more likely to follow a link or believe something you sent.
De-Authorize your apps
If you were hacked, there is a good chance the hacker logged into a device and authorized apps too. This means even if you change your password, they will still have access. You can usually find this feature under the security settings of the service you allowed access too. Here are links to the big ones: Google, Facebook, and Twitter.