A step-by-step guide to online account recovery
Losing access to a digital account, whether it is email, banking, or social media, can be frustrating. This guide explains what you can do to minimize the damage and how you can regain access to your accounts.
How to find out if you have been hacked
Check your online accounts to see if there has been any unauthorized activity. Things to watch out for include:
- you can’t log in to your accounts
- changes to security settings
- messages or notifications sent from your account that you don’t recognize
- logins or attempted logins from strange places or at unusual times
- unauthorized money transfers or purchases from your online accounts
Steps to take if your account has been hacked:
- Contact your account provider
Go to the account provider’s website and look for the help or support page. It will explain the account recovery process in detail (the process will probably be different for each account). Never use a link you received in a message or email. Always type the provider’s web address in manually. If you can’t find what you need on the site, you can use a search engine query (for example, “How to renew my Twitter account”) and follow the links.
- Check your email account
Check your email filters and forwarding rules. A common tactic of cyber criminals is to set up a forwarding rule, which means they will automatically be sent a copy of all emails sent to your account (which would allow them to reset your passwords). Again, you can find detailed instructions on how to do this on your email provider’s website or use a search engine.
- Change your passwords
Once you have confirmed that there are no unwanted email forwarding rules, you must:
a) change the password for any account that has been hacked
b) change the password for any accounts that use the same password
Both steps are important because cyber criminals know that many people use the same password for different accounts, so they will try the same “hacked” password for multiple accounts.
- Log out all devices and apps from your account
Once you have changed your passwords, you need to make sure that all devices and apps (that may still be logged in) are logged out of their respective accounts. This can usually be done in the “Settings” of the app or website (or it may be part of the “Privacy” or “Account” options). For specific instructions on how to do this, please visit the support page for the relevant service. Once you have done this, anyone else who tries to use your account will be prompted for a new password.
- Set up two-step verification (2SV)
Many online accounts and services allow you to set up two-step verification (2SV), which means that even if a criminal knows your password, they won’t be able to access your accounts because they still need to have your phone, for example. 2SV (which is also known as 2FA or MFA) usually works by sending you a PIN or code, often in the form of a text message or email, which you then have to enter to prove that it’s actually you. It’s worth taking the time to set up 2SV on important accounts such as email and banking, even if they are already protected by a strong password. 2SV will significantly increase the security of your accounts.
- Update your devices
You should apply app and device software updates as soon as they become available. Updates include protection against viruses and will often include improvements and new features. Applying updates is one of the most important (and fastest) things you can do to prevent your account from being hacked. You should also turn on “automatic updates” in your device settings if they are available. This means you don’t have to remember to download updates. Updating your device can take some time and requires a reliable internet connection.
- Inform your contacts
Get in touch with your account contacts, friends, or followers. Let them know you have been hacked and suggest they treat any recent messages sent from your account with suspicion. This will help them avoid being hacked as well.
- Check your bank statements and your online accounts at e-commerce sites
A compromised email account can often lead to misuse of your other accounts. Watch out for unauthorized purchases and check your bank account for any unusual transactions. You can contact your bank directly for further support. Again, always use the official website or social media channels, or enter the address directly into your browser. Do not use links in any messages sent to you.
- Contact the police
If you have suffered a loss of money, tell your bank and report it to the police.
If you cannot recover your account
In some cases, it may not be possible to recover your account. In these cases, you will need to create a new account if you want to continue using the service. Once you have done this, it’s important to give your contacts your new details, tell them that you have left your old account, and ask them to block the old account if possible, so that attackers cannot use it to try to take over their accounts as well.
Remember to replace your old details with the new ones on any bank, utility, or shop websites that hold them.
Sources: NCSC, TriglavSec