What to do if your account has been compromised
What “compromised” means
If one of your accounts (e.g. a bank, email or social media account) has been compromised, it means someone has access to that account which you have not authorised.
Examples would be:
An unknown person using your email account to send messages to your contacts.
Your online bank account being used to send money to an unknown account.
Accounts may be compromised using many different methods. Some include:
Phishing & Social Engineering: an individual tricks you into providing the sensitive login details for your account via email, text, fake login pages, etc.
Data Breaches: your account may have been involved in a data leak, providing unauthorised access to your account.
Brute Forcing: your password and/or username are guessed repeatedly by an attacker until they gain access to your account.
Malware / Information Stealers: malware installed on your device has stolen your login information.
How to identify if an account is compromised
You might notice one or more of these signs:
You get emails or texts saying there was a login you don’t recognise - always verify that these emails / texts are from your account provider.
Password reset emails arrive that you didn’t request.
Friends tell you they got strange messages or links from you.
You see posts, messages or activity in the account you didn’t make.
You can’t log in with your usual password.
You’ve lost access to an account because the recovery email/phone was changed.
Other unusual account activity which you did not perform.
Quick emergency steps - do these right away for email, social media and other accounts
Try to regain access
Go to the service’s (email, bank, social media, etc.) sign-in page and use “Forgot password” or “Can’t access my account”. If you can still log in, immediately change the password to something new and strong. A strong password should use at least 12 characters, mixing letters, numbers and symbols; alternatively, let a password manager generate one for you.
Disconnect devices
If you think you’re still logged in on a device you don’t trust, sign out of all devices from the account settings (most services offer “Sign out of all sessions”).
If you can’t sign out, change the password first — that often forces other devices to re-authenticate.
Turn on 2-Step Verification (2FA)
Use an authentication app (recommended) or SMS if that’s all that’s available. This adds a second check when logging in. If you don’t have access to a smartphone, contact the service provider and ask whether hardware security keys or other options are available.
Check recovery details
Ensure the recovery email and phone number are yours. If not, update them to trusted ones.
Scan your devices
Run a full antivirus/malware scan on devices you use to access the account. If you are using a Microsoft Windows device, you can do this using Microsoft Defender; alternatively, Malwarebytes is a free utility for Mac, Google Chromebooks and Android devices. If a device is infected, it can re-compromise your account.
Tell your contacts
If the attacker could have messaged your friends (spam, phishing), warn them so they don’t click links. An example message would be: “Hi, my account was hacked. If you got any strange messages or links from me in the last [X days], please don't click them and delete them. I've secured my account now.”
Report to the service
Use the service’s “Report hacked account” or support process (banks, email providers and social media platforms have clear reporting paths). Some include:
Microsoft Applications (Outlook, Office, etc)
Instagram: Use 'Get help signing in' → 'My account was hacked'
Quick emergency steps - do these right away for bank accounts and other financial accounts
Call your bank's fraud hotline immediately (number on back of card)
Ask them to freeze the account and review recent transactions
Request chargebacks for unauthorized transactions
Ask about fraud protection and what documentation they need
Time matters: Most banks offer better protection if you report within 24-48 hours.
Report to authorities (when appropriate)
If money was stolen: Report to your bank immediately AND file a police report (may be needed for fraud protection).
Identity theft: Consider credit monitoring and freezing your credit.
Note: Police rarely catch individual hackers, but reporting creates a record for insurance/bank claims.
Step-by-step recovery (if you can still log in)
If the compromised account is financial, e.g. online banking, contact the bank / service immediately and freeze the account to prevent fraud.
Change the password to a long, unique phrase you haven’t used elsewhere.
Force a log-out of all sessions for other devices.
Enable 2FA (authentication app recommended).
Review account settings:
Recovery email / phone - make sure they’re yours.
Forwarding rules (email) - remove any you didn't set.
Linked apps or devices - remove anything you don’t recognise.
Revoke app access for third-party apps you don’t trust.
Update passwords for other accounts that used the same password (don’t reuse passwords).
What if you can’t log in
Use the provider’s account recovery form. This often asks for previous passwords, recovery codes, or other identification.
Contact support by phone or chat - banks and big platforms usually have a recovery team.
If a recovery email or phone was changed, gather evidence (emails, screenshots) showing you are the rightful owner.
If money was stolen, contact your bank and consider reporting to local authorities.
How to prevent account compromise
Use a different password for every account (use a password manager to help).
Turn on 2-Step Verification (2FA) everywhere you can.
Prefer an authenticator app (Google Authenticator, etc.) over SMS (text message) where possible.
Don’t reuse passwords and avoid obvious choices (your name, username, birthdays, pet names).
Be careful with password reset emails and links. Don’t click suspicious links; instead, go to the website yourself.
Regularly review account recovery details and connected apps.
Keep devices updated and scanned for malware.
Back up important data and keep recovery codes in a safe place (not stored in email or text files).