A guide to what to do if I've been hacked

Concerned you’ve been hacked? Learn how to recognize the signs of a cyber attack and take immediate action to secure your accounts and protect your data.

04-03-2022 - 11 minute read. Posted in: malware.

What to do if I've been hacked: A step-by-step guide to regaining control

Cyberattacks are on the rise, and email hacking is one of the most common threats. Cybercriminals can gain access to accounts by exploiting weak passwords or leaked credentials, allowing them to steal sensitive information such as usernames, passwords, financial information, credit card details, and even your social security number. They may also install malware on your devices, track your activity, or even lock you out of your own accounts.

If you suspect you’ve been hacked, acting fast is crucial. In this guide, we’ll help you recognize the warning signs and provide clear steps to secure your accounts and personal data before further damage is done.

Identifying the hack

Recognizing that your online accounts or devices have been compromised is the first step to regaining control. Here are some common signs that indicate a hack:

  • Unusual login locations or devices: If you notice logins from unfamiliar locations or devices, it’s a red flag that someone else may have gained access.

  • Changes to account settings or passwords: Unauthorized changes to your account settings or passwords are strong indicators of a hack.

  • Malware or scams: The presence of malware on your device or receiving suspicious emails and messages can signal a compromise.

  • Identity theft: If someone is using your personal information to open new accounts or make purchases, it’s a clear sign of a hack.

By staying vigilant and recognizing these signs early, you can take swift action to secure your online accounts and prevent further damage.

How to tell if your email has been hacked

A hacked email account can lead to a chain reaction of compromised accounts. Recognizing a hacked account is crucial to prevent further damage. Watch out for these warning signs:

  • Receiving password reset requests you didn’t initiate

  • Unexpected logouts or inability to access your account

  • Outgoing emails you didn’t send, especially phishing emails sent to your contacts

  • Notifications of unfamiliar logins from new devices or locations

  • Unusual activity, such as deleted emails or settings changed without your permission

  • A sudden influx of spam messages

  • Your friends or colleagues reporting strange messages from your account

To confirm if your email has been compromised, visit Have I Been Pwned and enter your email address. This tool will show if your credentials have been exposed in data breaches.

What to do if your email has been hacked

1. Change your password immediately

Update the password for your hacked email account as soon as possible.

If you use the same password across multiple accounts, change those too.

Create a strong password with at least 12 characters, including uppercase and lowercase letters, numbers, and symbols.

Consider using a password manager to generate and store strong, unique passwords.

2. Enable two-factor authentication (2FA)

Two-factor authentication (2FA) enhances security by introducing an additional verification step, like a one-time code sent to your phone. Activate 2FA on all essential accounts, including:

  • Email

  • Social media platforms

  • Online banking

  • Cloud storage and work-related accounts

If you're unsure how 2FA enhances security, dive into our guide on two-factor authentication and why it’s crucial.

3. Scan your devices for malware and spyware

Hackers may have installed malware to track your activity or steal sensitive data. Perform a full system scan with a trusted antivirus or anti-malware program on all your devices:

  • Computers and laptops: Run a deep scan with up-to-date antivirus software.

  • Smartphones and tablets: Use mobile security apps to detect malware.

  • Check browser extensions: Remove any suspicious or unknown plugins.

If you're unsure how malware and spyware operate, explore our guide on malware threats and learn how spyware can compromise your data.

4. Check and remove email forwarding rules

Cybercriminals often set up email forwarding rules to receive copies of your emails, even after you regain access. Check your email settings and disable any unknown forwarding rules immediately.

5. Secure your financial accounts

If your email contained credit card, bank account, or banking information, take these steps:

  • Contact your bank to report possible fraud and freeze compromised accounts.

  • Monitor bank statements and transactions for suspicious activity.

  • Update payment information for important services, such as PayPal or subscription-based platforms.

6. Inform your contacts and prevent further damage

If hackers used your email to send phishing scams, your contacts could be at risk. Let them know immediately and advise them not to click on any suspicious links. Additionally, remove sensitive information, such as phone numbers, from your online profiles to protect against hacking.

7. Regain control of locked accounts

If the hacker changed your password and locked you out, follow your email provider’s account recovery process. Most platforms, such as Google, Microsoft, and Yahoo, allow you to verify your identity and reset your credentials. Securing your email account is crucial as it serves as a gateway to other accounts, and hackers can exploit access to your email to gain control over additional online accounts through password reset features.

8. Review your account activity and security settings

Most email providers offer an activity log that shows recent login locations and devices. Check for any unauthorized access and:

  • Sign out of all active sessions on unfamiliar devices.

  • Revoke access to any connected third-party apps you don’t recognize.

  • Update security questions and recovery options to ensure you're the only one who can reset your password in the future.

9. Strengthen your online security to prevent future attacks

Prevention is key! Strengthen your security with these proactive measures:

  • Use a password manager to create and store unique passwords.

  • Avoid using public Wi-Fi for sensitive transactions unless connected to a VPN.

  • Be cautious of phishing emails – never click on links or download attachments from unknown senders.

  • Keep your software and operating system updated to patch security vulnerabilities.

  • Regularly back up your data to a secure cloud service or an external drive.

10. Consider a fresh start for maximum security

If your email was deeply compromised, consider starting fresh:

  • Create a new email address and update your accounts with the new credentials.

  • Use a brand-new, complex password that is entirely different from the old one.

  • Reset all passwords for sensitive services, such as banking, cloud storage, and work-related accounts.

  • Reinstall your operating system or factory-reset your device if you suspect deep-rooted malware.

Recovering from a hack

Recovering from a hack can be a challenging and time-consuming process. However, with the right steps, you can restore your data and services, rebuild trust with your contacts and clients, and evaluate and improve your security measures.

1. Restore data and services

If you’ve been hacked, it’s essential to restore your data and services as quickly as possible. Here are some steps you can take:

  • Contact your service providers: Reach out to your internet service provider (ISP) or web hosting company to report the hack. They can assist in restoring your services and securing your accounts.

  • Run antivirus software: Use trusted antivirus software to scan your computer or mobile device for malware. Remove any suspicious files or programs to ensure your system is clean.

  • Change your passwords: Update the passwords for all your online accounts, including email, social media, and financial accounts. Use strong, unique passwords for each account to enhance security.

  • Update your software: Ensure your operating system and all software are up to date with the latest security patches. This helps protect against vulnerabilities that hackers may exploit.

  • Restore from backup: If you have a backup service, restore your data from a previous backup. This can help recover lost information and ensure your system is free from malware.

2. Rebuild trust with contacts and clients

If you’ve been hacked, it’s essential to rebuild trust with your contacts and clients. Here are some steps you can take:

  • Notify your contacts: Inform your contacts and clients about the hack and apologize for any inconvenience it may have caused. Transparency is key to maintaining trust.

  • Provide information: Explain what happened and outline the steps you’re taking to prevent future incidents. This reassures your contacts that you are addressing the issue seriously.

  • Offer additional security measures: Consider offering two-factor authentication to your clients to protect their sensitive information. This extra layer of security can help prevent unauthorized access.

  • Incentivize affected clients: To show goodwill, consider offering a discount or other incentives to clients who have been affected by the hack. This can help rebuild trust and loyalty.

3. Evaluate and improve security measures

Finally, it’s essential to evaluate and improve your security measures to prevent future hacks. Here are some steps you can take:

  • Conduct a security audit: Perform a thorough security audit to identify vulnerabilities in your system. This helps you understand where improvements are needed.

  • Implement stronger security protocols: Introduce additional security measures such as two-factor authentication and encryption to protect your sensitive information.

  • Hire a security expert: Consider hiring a cybersecurity expert to review your system and provide recommendations for improvement. Their expertise can be invaluable in strengthening your defenses.

  • Develop an incident response plan: Create a detailed incident response plan to ensure you’re prepared in case of a future hack. This plan should outline steps to take immediately after a breach to minimize damage.

By following these steps, you can recover from a hack and prevent future attacks. Remember to always prioritize security and take proactive steps to protect your online accounts and sensitive information.

Protect your mobile device from hacking

Smartphones are just as vulnerable as computers. To keep them secure:

  • Beware of SMS phishing (smishing). Hackers send fake text messages pretending to be from your bank or service provider.

  • Enable biometric authentication. Use fingerprint or facial recognition for an added layer of security.

  • Regularly update apps and your operating system. Outdated software may have security holes.

  • Use a reputable mobile security app to detect and block malware.

  • Enhance privacy settings on your social media accounts. This helps protect against hackers who exploit personal information found on these platforms.

Ongoing monitoring and maintenance

To safeguard your online accounts and devices from future hacks, ongoing monitoring and maintenance are crucial. Here are some proactive steps you can take:

  • Use antivirus software: Install and regularly update antivirus software to protect against malware and other online threats.

  • Turn on two-factor authentication: Strengthen the security of your online accounts by activating an additional verification step.

  • Use unique passwords: Ensure each of your online accounts has a strong, unique password.

  • Monitor your accounts: Regularly check your online accounts and financial statements for any suspicious activity.

  • Update your operating system: Keep your operating system and other software up to date with the latest security patches.

  • Use an authenticator app: Consider using an authenticator app for additional security on your online accounts.

  • Be cautious with sensitive information: Only share sensitive information with trusted sources and be wary of phishing attempts.

  • Change passwords regularly: Regularly update your passwords to prevent unauthorized access.

  • Use a phone number: Add a phone number as an additional verification method for your online accounts.

By implementing these measures, you can enhance the security of your online accounts and devices, ensuring your sensitive information remains protected.

Final thoughts: Stay one step ahead of hackers

Getting hacked is a frustrating and stressful experience, but quick action can minimize damage and prevent future breaches. Cybercriminals are always evolving their tactics, so staying vigilant and adopting strong security habits is the best defense.

By following these steps, you can regain control of your accounts, protect your sensitive data, and reduce the risk of future attacks.

For more cybersecurity tips, explore our latest guides on staying safe online and preventing identity theft.

This post has been updated on 11-03-2025 by Sarah Krarup.

Author Sarah Krarup

Sarah studies innovation and entrepreneurship with a deep interest in IT and how cybersecurity impacts businesses and individuals. She has extensive experience in copywriting and is dedicated to making cybersecurity information accessible and engaging for everyone.
