If your account or device is hacked, this means someone may have gotten access to your data without your permission. For example, your email might have been hacked if you sign in and see in your sent box an email or a number of emails that you did not send yourself.
Being hacked can be a very stressful experience. Someone might be able to read your personal messages, or they could be trying to gather information about you to use your account for other purposes.
Sometimes it might be difficult to find out if you were hacked, and you might not know what to do if you were.
If you have been hacked, it’s important to remember that this is not your fault. Most people unfortunately are hacked at some point in their life, and with a few different actions, the situation can usually be resolved quickly.
There are a couple of ways to check and different steps you can take if you have been hacked.
How to know if you’ve been hacked
Depending on the platform or service you are using, you might be notified if someone has hacked your account. You might also have to do some research to find out if you have been hacked.
Your friends receive messages you didn’t send yourself
If you log into your email or social media account and see messages in your inbox that you did not type yourself, you might have been hacked. Event invitations or posts that you didn’t write could also be signs that your account has been hacked.
Sometimes, hackers or scammers will create a fake account pretending to be you and start messaging your friends or followers. If this happens, report the account to the platform straight away.
Your details have been changed
A hacker can also change details on your social media profile. For example, they might change your birthday, email address, username, or password.
Check your profile and settings information to make sure your details are correct and haven’t been messed with.
You got an email from the platform
If someone has signed or is trying to sign into one of your accounts, you might receive an email from the platform asking you to confirm a sign-in. If it wasn’t you, follow the steps to let the platform know.
You have to continually log into the app
Another sign of hacking is having to continually log back into your account. A hacker might be messing with your account’s sign-in details, and could be causing you have to log-in multiple times.
Check on HaveIBeenPwned
HaveIBeenPwned is a website that can check if your email address or accounts tied to your email address have been listed as an account that has been hacked.
Visit the site and enter your email address, and Pwned can let you know if you’ve been hacked.
If your account has been hacked, the site will let you know and will tell you when the account was compromised and where this was listed. HaveIBeenPwned is not always updated immediately, so it might not be able to tell you if you are being hacked right in that moment, but it can tell you which accounts may have been hacked in the past.
What to do if you have been hacked
If you have been hacked, the first thing to do is to take a deep breath. Remember, this is not your fault and a lot of people unfortunately go through this experience. Take care of yourself, and try some of these suggestions to get things back in order.
Do not engage with the hacker
If a hacker contacts you, do not engage with them. Keep a record of the communications. Importantly, if you think your account has been hacked, report it to your local Garda station and keep records of all suspicious activity. The Garda website provides some good examples of scams.
Check with the server
Some platforms and email servers have a help function if you have been hacked. This is often found underneath a “security” heading, and clear steps are provided for you to keep your account safe.
Reset your password
Resetting your password is a good way to keep hackers out. Once you change a password, you have to log back in with the new information, which the hacker won’t have. Make sure you never share this password with anyone else.
Change or confirm your password recovery
Often, websites will ask you to select a question or a few questions to provide answers to so that you can prove the person trying to log in is you. If your account has been hacked, change the questions you are asked when you log in.
Also make sure the alternate email address listed is actually yours, and double check the security on that email account too, as the hacker may try to get into this next. Make sure any phone number listed is yours too.
Check your settings
Double check the settings in your account to make sure nothing has been changed. For example, if your email was hacked, make sure there’s nothing strange in your email signature, check if an automatic reply has been set up and switch it off if there has, and disable any forwarding settings that might have been switched on.
It’s also a good idea to let your contacts know you were hacked in case they received any spam from your account.
Use two-factor authentication
It’s a good idea to set up and use a two-factor authentication. This is an extra layer of security for your accounts, and makes sure that you’re the only person who can access your account.
For example, if you try to log into your email with your password and email address, you might be sent a text with a verification code. You will have to enter this code to continue to log into your email.
Use different passwords
If you have the same password for all of your accounts, and a hacker has figured it out, they can sometimes hack into other accounts by trying the same password.
Make sure to have different passwords for different accounts, and keep a record of them in a safe place.
Strengthen future passwords
Going forward, make sure any password you have is a strong one. This could mean picking a password that doesn’t have a direct reference to your first or last name or including lowercase and uppercase letters, numbers, and symbols in your password.
Read up on how to make a strong password.
Have a password manager
A password manager helps you manage all your unique passwords in one place, and helps keep them secure. It’s a good way to keep track of everything, and keep your data safe.
There are a few different password managers out there, so have a look around before you choose what’s best for you.
Sign out of shared networks
If you access your accounts over shared networks or on a shared computer, such as a college or library computer, make sure you sign out of your accounts and log out of the session before you walk away.
Protect your device
Anti-virus software can be a good way to protect your device. It will scan for viruses and let you know if it has found anything suspicious, which allows you to take action before things can get any worse.