Finding yourself hacked is such a horrible experience. You can see posts from your friends and communicate with people through email, and then suddenly you have no way to get back into your account.
Your heart begins to race, your stomach drops, and you feel completely disconnected from everything you knew before you were hacked. You’re in the middle of an emergency with your computer, but also have had the unfortunate experience of having someone intrude upon your online life.
Key Takeaways
- Assessing the steps you need to take while your online account is hacked to not escalate the situation.
- Adopting the emergency fixes as the first-hour step to protect your primary email and password.
- Analysing your go-to strategy to deal with the stress you encounter when an account is hacked.
- Building a better shield to protect your account from future malware and other attacks.
The sense of panic you are experiencing is not just an overreaction on your part. In fact, your online accounts have become psychological extensions of your physical residence. Therefore, they contain all of your personal communications (text messages, email, etc.), photographs of family members, and financial records.
When your online account has been hacked and accessed by an outside party, your brain reacts instinctively to danger. This instinctive response causes your body to produce adrenaline, which causes your heart rate to increase, your muscles to tense up, and your breathing to become rapid—all of which can cause you to panic and act irrationally.
Before you do anything, you need to ground yourself. Take a slow breath. If you find yourself overwhelmed, you might even use a calming tool like the Liven app to practice a quick breathing exercise. The goal is to move from your panicked “emotional brain” back into your “logical brain.” You cannot fix a technical problem with a clouded mind. Once you have found a moment of stillness, you can begin the recovery process.
The first hour after an account has been compromised is spent extinguishing fires before they spread. In order to stop the hacker from accessing your other accounts, start by securing your ‘master keys’ (i.e. your primary e-mail) and password manager.
Once you have secured the ‘master keys’, log into your account and immediately change your e-mail password to a long, unique passphrase. While you are logged into your e-mail, check the ‘forwarding rules’ section of your settings. Hackers often set up rules that redirect your e-mails to their accounts without your knowledge, so delete any ‘forwarding’ addresses that are not familiar to you.
Next, visit the compromised platform and use the official “Secure My Account” link. Follow their recovery steps precisely. Most importantly, ignore strangers on social media promising to “unlock” accounts for a fee.
These are secondary scams targeting your desperation. By securing your email and following official channels, you regain control and prevent further damage to your digital life.
Once the immediate fire is under control, it is time to see what was touched. Spend some time looking through your recently sent messages, your posted photos, and your linked payment methods.
This part is unpleasant, but you need to be a detective. Screenshots should be taken of all suspicious behavior on your part.
If a hacker hijacked your account and posted something inappropriate or illegal on the Internet, these screenshots will serve as evidence when speaking to customer service or, in some situations, law enforcement. Documenting the time you lost access is critical for recovering your account.
Finally, you need to tell people. It feels embarrassing to admit you’ve been hacked, but your friends and family are at risk too.
If a hacker is using your profile to send “urgent” requests for money, your loved ones might fall for it because they trust you. A simple post or a group text saying, “My account was hacked; do not click any links from me,” can save everyone a lot of trouble.
By the middle of the day, you will likely be exhausted. Digital recovery is draining. You might be waiting for a customer support agent to email you back, and the silence can feel deafening. This is when the “what ifs” start to take over. You might start blaming yourself, thinking you should have been smarter or more careful.
The wait time for a support ticket to be resolved usually takes several hours or days to complete. No amount of staring at your inbox will speed this process up.
As the first 24 hours come to a close, your focus should shift from “recovery” to “prevention.” You never want to feel this way again, so it’s time to build a digital fortress. The single most important thing you can do is turn on Two-Factor Authentication (2FA). This means that even if someone steals your password, they still can’t get in without a code sent to your phone or an app.
Next, try some “digital spring cleaning.” Most people have far too many old apps and accounts that they do not use anymore. All of these unused accounts can become potential back doors for a hacker to enter your electronic devices.
Don’t worry, a password manager takes care of all the hard work for you, meaning that one breach from a small website doesn’t give the hacker full access to your entire electronic life.
You have had an incredibly emotional experience over the past 24 hours, yet here you are, right where you want to be, securing your main accounts, protecting your family and friends, and upgrading your security.
Not only that, you turned this total vulnerability into a new way of being resilient and have proven that even though a hacker can take your information, they cannot take your peace of mind.
Not only that, but you may not be able to stop bad things from occurring in the digital world, but you can choose how you will respond to the situation. By taking a deep breath and following a plan, you have shown that you can take back control of your life and that you are now back leading your own digital life.
Keep enforcing your new security habits, review your settings regularly, and move forward with confidence knowing you are in the driver’s seat.
The initial steps should involve changing your account password to a strong one and signing out of all devices, turning on two-factor authentication and checking your recovery information.
The first and primary step is changing your password or passwords if you can access them and the hacker hasn’t changed them.
They might use your information for financial gain or extort money from you by blackmailing or selling the information to the Dark Web.
The thing that hackers hate the most is effort and resilience that stand as a barrier to hacking.
