Preparing for the worst: How to handle getting hacked

Have you ever lost access to your account or been hacked before? Getting back on track from a hack can be quite the painful process, but it's at this point in time when you need to keep your wits about you and prioritize regaining access and minimizing the harm you receive from a hack.

To that end, here are some steps you can take in case you feel you've lost control of an account you have online.

If you get a notification about suspicious activity on your account

Online services tend to now offer notifications if they feel your account has been accessed in a way that isn't part of your normal usage case.

At the same time, attack groups often try to mimic these notifications to trick the unsuspecting into giving them account details by filling out a fake form that looks like the real deal.

The best way to check if there's actually something weird going on is to not use any links sent by notifications. Instead, log in directly to your account by manually entering the URL of the login page of the account you want to check.

Once you're logged in to a service, try to see if there's a login history available to view or a way to force logouts for all devices connected to the account.

For example, Facebook lists all the devices and locations you're logged into on the Security and Logins section of the Settings page. If something seems wrong, you can force a logout on all devices to expel any bad actors from your account.

If you feel there's a need to change your password, do so, and make sure to make that password different from your passwords on other accounts. An offline password manager is highly recommended so you can keep track of these.

If you lose access to an account

In case you are unable to sign in to one of your accounts, there are a number of things you can try to get it back.

Password resets: In some cases, attackers might be trying to disconnect your email information from your account to make it more difficult for you to get that account back. Resetting your password (and using a strong password replacement) is one of the first steps to trying to keep unscrupulous people away from your information.

Inform important connections: If it's a financial service account, call your bank immediately so they can prevent money from being spent.

For personal accounts, such as things like messaging services or social media, inform your friends and family using other means. Tell them you've been hacked and are trying to get the account back so they know not to answer queries from the affected account in the meantime.

Unlink connected accounts: If you have services that are linked together, and one of them has been hacked, it's a good idea to unlink as many services as possible from that account.

For instance, if you have an email account that's been hacked, unlink as many services that use that account for password reset procedures while you try to get that account back.

Change similar passwords and get two-factor authentication: It goes without saying that you should try to make all your passwords unique and use an offline password manager to keep track of all of them. If there are accounts that use the same password or a similar password to an affected account, change those passwords immediately. You may also want to set up two-factor authentication as an added layer of security for accounts you have, if that service supports it.

Contact relevant support teams: Aside from resetting passwords, you can also try sending a support ticket for the relevant service that you've lost access to. Here are the support links for Google, Facebook, and Twitter, for example.

Scan your computer: While you're doing all of this, it'd also be a good idea to scan your computer for malware or viruses. There are a number of services you can use for this, such as MalwareBytes or Windows Defender, among others. You can also purchase antivirus software if you think you need it.

These days, it's really a matter of being prepared for the worst case than hoping for the best when it comes to cybersecurity scenarios. It's a good idea to expect to be hacked eventually, rather than hope you never get attacked, as cyberattacks happen every day.

We hope we've covered the basics well enough for you to get the hang of things. Keep yourself calm in case of a hack and there's a good chance you'll be able to minimize the damage done to your accounts. – Rappler.com

Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.

image