Emergency plan: What to do if you’ve been hacked
Your family has a plan in case of fire. You can have one for earthquakes or other natural disasters. And these days, it’s a good idea to also have a plan for what to do if you’ve been hacked.
Because, believe it or not, it’s much more likely that you or a loved one will be the victim of a data breach, phishing attack, romance scam, or one of the many other cybercrimes that we colloquially call “hacks” in these days. According to the FBI 2021 Internet Crime Report, there were nearly 850,000 “hack” complaints filed in 2021, for a total of nearly $7 billion lost. By comparison, there were around 338,000 fires in residential structures same year.
Gosh! With that in mind, we wanted to give you a short and sweet contingency plan for what to do if you (or a loved one) have been hacked. Print it out, tape it to the side of your computer, place it on the fridge or file it somewhere handy to ensure that if you are the victim of a cybercrime, you know what to do.
1. Change your passwords.
The first move after becoming a victim of a cybercrime is to change your passwords. Start with the service that was immediately affected, then branch out to other websites, apps or services where you’ve used the same password. If you still have some steam, proceed to other accounts and change those passwords as well.
A tool that really helps with creating, remembering and changing secure passwords is a password manager. Download one and start using it ASAP.
2. Enable two-factor authentication.
While you’re there changing your password, be sure to enable two-factor authentication (TFA), if available. TFA requires you to enter not only your password, but also another authentication factor (such as a code that has been sent to you) to access an account. This adds another layer of security to your accounts, because cybercriminals who got hold of your password likely won’t have access to your text or email, making it impossible for them to log in again.
3. Call your bank.
Once an account has been compromised, it is possible that your bank accounts (and other financial institutions) may be compromised. Contact your bank ASAP to let them know what has happened and that they should be on the lookout for suspicious activity.
4. Tell friends and family.
It can feel embarrassing to be the victim of a crime, but remember: It’s so, so common. Letting friends and family know what happened to you not only helps them be aware of similar scams themselves, but also alerts them to be on the lookout in case they receive a strange message from “you.”
5. Report the incident to the Federal Trade Commission (FTC).
Prosecuting cybercrimes after they have occurred can be difficult, however let the FTC know what happened helps them prevent more crimes in the future.
Toe our cyber awareness quiz and learn how to navigate discussions with your family around the complexities of technology and digital threats. What’s more, download our online safety checklist (PDF) for a quick guide to better online security.