There’s nothing quite like that feeling of dread that slowly envelops you when you realize you’ve been backed. Regardless if it’s just your social media account or something as serious as your bank account or credit card, you can’t escape those first few moments of confusion, anger, and the overwhelming sense of fear. You don’t know how they got your information, what other accounts they’ve had access to, how long they’ve had access, and it’s terrifying. So I’ve come up with a checklist to help you protect yourself from further damage and begin the repairing process.
Do Not Panic
First off, breath. It might sound silly, but you need a clear head to proceed. Panic and fear will only lead to confusion. You can easily forget crucial steps you need to take or repeat ones and waste time.
Change your Passwords
Change your passwords, especially if you use the same password for multiple accounts. You should change your passwords once every 3-6 months. Consider using a password management software like LastPass or KeePass. In the future, set up two-factor authentication when possible.
Identity Theft? Notify Credit Agencies
If your personal information (such as social security number) has been compromised, notify the credit agencies (Equifax, Experian and TransUnion) and request a 90-day credit alert. Activating this tells businesses to contact you before any new account can be opened in your name. This alert can be renewed every 90 days. It can also stay in effect for seven years – so long as your identity has been stolen, and you’ve filed a report with the police.
The Federal Trade Commission also offers some excellent advice and includes details on how to get your life back after your identity has been stolen.
Monitor your Credit Card Bills
Monitor your credit card bills and double check any charges you don’t recognize. Criminals are known to make small charges to begin with, hoping they’ll go unnoticed, before running your card for something really big. If you see a charge you didn’t make, call the credit card company and alert them right away.
If someone has already stolen your identity and opened an account, immediately contact the credit issuer and have the account closed. Dispute any charges that were made. Request your credit report from one of the three credit agencies and ask for any unauthorized accounts or incorrect information be removed from your record. This will help preserve your credit score.
Submit your report through the FTC website and keep copies of all your reports and correspondences with these agencies. Record everything, use certified mail and get delivery receipts. Most of the places you’ll need to call will have a notice, “This call may be recorded for quality assurance purposes”, but don’t rely on them for recording the conversation. Record the call yourself, but be sure to inform the person on the other end of the line that you are recording the call. Check your state for telephone recordings laws.
Check the Sent Folder in your Email
Check your sent folder of your email and look for any messages that may have gone out that you didn’t send. Hackers might request personal information from banks or send viruses to your friends. If you see anything suspicious, contact the recipients and let them know.
If the hacker has gained access to your account and locked you out by changing the password, you’ll need to contact the email provider and prove you’re the rightful account holder. And remember, if you’ve used your email address and the same password for other websites, those are all compromised as well. Change those as fast as you can to beat them to the draw. Even if you don’t use the same password for those accounts, the hacker can still use the “forget my password” feature and have a new one email to them.
If you’re concerned, your computer may have a virus, avoid making online purchases until you have run comprehensive anti-virus and malware software. Some virus installs keyloggers on your computer, letting the hacker see every keystroke. Typing in your credit card information is all they would need.