Have I Been Hacked? What Can I Do to Recover?

Brandon King
December 6, 2023
man siting facing laptop

Photo by Clint Patterson

Most people won’t know they’ve been hacked until it’s too late.

You may find that you have been logged out of a social media account and ignored it, only to discover later that this was just the tip of the iceberg. 

It might be hours, or days until you discover the full extent of the damage. In my case, I didn’t realize that $5,700 had been stolen from my account until more than 72 hours had elapsed.

This is the reality of millions of people.

Americans lost over $10 billion to hackers and Internet scams in 2022 alone, and that statistic includes only those who reported the incident to the Internet crime complaint center (IC3).

Some people don’t report hacking incidents simply because they don’t know yet that they’ve been hacked, or because they feel embarrassed.

So, how do you know you’ve been hacked? And if you have, how do you recover your account from hackers?

Person Wearing a Mask Sitting on CHair while Using a Computer

Photo by Tima Miroshnichenko

Warning Signs That You Have Been Hacked

There are multiple warning signs that indicate you’ve been hacked. Below are some of the most common strategies hackers use, including the latest ones:

1. You’re signed out of your online accounts

This includes email, social media, online banking, and streaming services, and you can’t log back in. 

2. You receive password reset emails

Getting a password reset email you didn’t request could mean that a hacker has guessed your username but is trying to get your password. 

Password reset emails could also be phishing scams where the hacker wants you to click a fake link to enter and steal your login credentials.

Always check if an email is from a known sender. Here’s how to confirm if it is:

  • Legitimate organizations send emails from email addresses containing their domain name after the “@” symbol. For example, “@google.com,” “@amazon.com,” etc. So, if an email purporting to be from a private company is using a public domain address like Gmail, Yahoo, Hotmail, AOL, etc., it’s fake.
  • Confirm that the sender’s name and email address match.
  • Check for grammatical errors. 
  • Lookout for deceptive names. For example, “google” could be written as “g00gle,” or “g0ogle.” Hackers frequently replace letters with something similar, like “5” for “s,” as in @cha5e.com rather than @chase.com.
  • Watch out for emails that use the “Bcc” field. Although there’s nothing wrong with this, legitimate organizations typically send emails to one sender using the “To:” field only.
  • Hover your cursor over any links to see if they redirect to the right link. If the website shown doesn’t match the link, don’t click. You can also right-click on the link and click “inspect.”
  • Look out for implied urgency and beware of unbelievable deals or offers.

If you didn’t request a password reset, you usually don’t need to do anything and can ignore it. 

3. Unrequested one-time passwords

This is when you receive One-Time Passwords (OTPs) or verification codes you didn’t request via SMS or email. If this happens, then a hacker has already guessed your username or password, but your two-factor authentication is blocking their access.

4. Unrecognized locations or devices

This happens when you receive login notifications from locations or devices you don’t recognize. 

5. Unknown emails in your email account

There are unknown emails in your “SENT” folder. In some cases, your contacts may also receive fake emails or texts from you. Friends may also receive social media invitations from your account.

If these emails, texts, and invitations are from your actual email address, phone number, or contact, you have certainly been hacked. 

Should this happen, run a complete antivirus scan on your device and delete recently downloaded programs that can’t be verified as legitimate. 

6. When your Internet searches constantly redirect

This could be a sign that your search engine is infected with malware.

For example, you click on a search result, but you’re redirected to a webpage you didn’t search for. 

Reset your browser settings, install reliable antivirus software like Bitdefender, and enable firewall settings.

7. Fake IRS notices

You may also receive fake notices from the IRS or debt collection agents claiming unpaid taxes or debts. In some cases, new bank accounts, credit lines, and insurance claims have been made in your name.

8. Unexplained charges on your bank statements

Look out for suspicious charges on your bank statements or credit card. In such instances, it’s crucial to immediately initiate a credit freeze and notify your bank and creditors.

9. Slow computers, phones, or routers

If your apps take longer to start or your devices suddenly slow down and take forever to boot up, you might have been hacked. Sometimes, your computer or phone may begin crashing with greater frequency.

10. Virus notification

You receive pop-ups and notifications claiming your device has a virus. Hackers will typically encourage you to click a button to fix the problem. Ignore such pop-ups.

11. Data breach notification

A company or service you use may also notify you when there’s a data breach. In this case, you should change all your passwords and enable two-factor authentication (2FA). 

12. Your computer cursor moves on its own

If you haven’t touched your mouse or trackpad and your cursor moves by itself, you may have been hacked. Your web camera light may also turn on when not in use.

13. Ransomware notification

You receive a ransomware pop-up claiming your device is encrypted and you must pay a ransom. 

Going to a recognized IT professional is recommended in this case. But you should also consider restoring your device from a backup or initiating a Windows system restore. A reliable IT professional can use data recovery software or ransomware decryption tools like the No More Ransomware Project to help you recover your device.

14. Apps open and close

If your device’s apps open independently and you have to repeatedly close them, this may indicate a hacker has gained remote control of your computer or phone. 

You may also notice browser add-ons, plugins, or toolbars you didn’t install. In some cases, you may find mysterious files or folders that you don’t recognize on your computer desktop.

Other notable signs that you have been hacked are:

  • Missing funds or cryptocurrency in your wallet. 
  • Your clients or business partners say they communicated with you via email, phone, or social media when you didn’t speak with them. Sometimes, hackers may also use platforms you don’t use.
  • Your antivirus software is disabled on its own.

Recognizing the signs of a hack can help you avoid future breaches and speed up the process of recovering your account after an attack. 

Unfortunately, most people ignore the warning signs until it’s TOO LATE. 

A Person with Mask Using a Computer

Photo by Tima Miroshnichenko

What Happens to Your Information After You’re Hacked?

In most cases, hackers want to steal your money or access sensitive information such as private conversations, photos, or login credentials on your device. Sometimes, you may not be the target.

They could be using you to gather intelligence for a larger attack aimed at your friends, family, or company.

There are many consequences to being hacked, both short-term and long-term:

  • Immediate financial loss
  • You’re unable to access your online accounts.
  • Your activities are spied on.
  • You become a victim of ID theft, and your identity is used to commit crimes.
  • Your credit score is damaged due to unpaid debts.

Consequences at the workplace include:

  • Being locked out of your work systems. This is common with session hijacking, a type of cyberattack.
  • Lost clients.
  • Lost revenue and costly legal battles.
  • Permanent damage to you and your company’s reputation. 

Confirming If You’ve Been Hacked

Not noticing any of the signs above doesn’t mean you’ve not been hacked. It may just be that the hackers are yet to use your profile or personal information.

Or, threat actors may be actively looking to hack your other accounts to get the information they need and commit a more devastating crime.

Alternatively, they may sell your hacked information on the dark web.

What can you do to know if you’ve been hacked?

Here are some tips:

1. Use “Have I Been Pwned”

Haveibeenpwned.com is a tool that uses your email or phone number to search its list of stolen credentials. It’s a good place to confirm if your information has been involved in a data breach.

According to the platform, more than 12 million accounts have been “pwned.” 

2. Monitor your credit and bank accounts

Scammers often use hacked information to access your credit files and bank accounts. As such, checking your credit history and banking statements for signs of unexplained deductions is essential.

If you find unrecognized transactions or signs of fraud, flag them immediately. Fraudsters may make small transactions first in hopes you don’t detect them. If you don’t flag these transactions, they might make a bigger purchase.

3. Use reliable software that monitors leaked information

Software from identity theft protection services such as Aura, Identity Guard, IDShield, and IdentityForce is excellent for protecting you against hackers and identity theft.

These services have features such as leaked password scanners and dark web monitoring that you can use to check if your login credentials have been compromised.

What to Do When You’re Hacked and How to Recover?

Once you’ve identified a hacking incident, taking immediate corrective action is crucial.

Some 56 percent of Americans are unsure what to do after being hacked. Don’t let that be you.

Here’s what to do immediately after a data breach or hack:

1. Change your passwords and enable two-factor authentication 

If you suspect you may have been hacked, change all passwords immediately, even for accounts that weren’t compromised.

Ensure the new password is at least 15 characters with symbols, letters (uppercase and lowercase), and numbers.

Don’t reuse a password more than once. If you have trouble remembering all your passwords, use a password manager service like Bitwarden. 

Ensure you change your passwords every three months. 

In addition, enable two-factor authentication via an app like Authy, Google Authenticator, or Microsoft Authenticator.

2. Place a fraud alert and freeze your credit

Hackers can use your personal information to ruin your credit score by racking up debt in your name. 

They may also open new accounts with your identity.

When you suspect you’ve been hacked or your information is in a data breach, contact each of the major credit bureaus – Equifax, Experian, and TransUnion to freeze your credit.  You can also freeze your credit online via:

This stops anyone, including you, from taking out loans or opening new accounts in your name.

You can unfreeze your credit anytime, and it won’t affect your credit score.

Call your bank’s fraud department to cancel your cards and suspend your account. Check to see if your mobile banking app allows you to block a lost or stolen card and do it immediately. 

Fraud alerts typically last for one year, while extended fraud alerts could remain on your credit reports for up to seven years.

3. Install antivirus software 

Antivirus software can help you find and eliminate the source of a device hack, especially if it’s malware. Use reliable antivirus software like Norton 360 Deluxe, McAfee Antivirus Plus, Avast, and Bitdefender Antivirus.

Run a deep scan to quarantine malware and clean your device. To be sure, run a secondary scan.

Enable the firewall settings of your antivirus software to protect you from web-based attacks.

4. Lock your SIM card

SIM swapping is a fast-growing scam where a hacker convinces your mobile phone carrier to transfer your phone number to a different SIM that they control.

This allows the hacker to bypass security protocols like two-factor authentication and verification codes.

If your family receives text messages that you didn’t send, contact your mobile carrier to inform them about it.

Ask them to “lock” your SIM with a PIN or security question. Anyone who tries to change your phone number must provide the PIN or answer the security question.

5. Update operating system and software

Make sure you update your device OS and software regularly. Developers add security patches occasionally, so ensure your device is up to date.

6. Contact the company or service 

Companies have policies in place to address data breaches and cyberattacks.

Contact them for help recovering your account. Alternatively, you can search for account recovery processes on forums or search engines.

7. Report the incident to the Federal Trade Commission

If you’ve been hacked and suspect your identity has been stolen, file a report with the FTC and other relevant agencies like the FBI’s Internet Crime Complaint Center (IC3). 

You should also file a police report.

8. Unlink online accounts

If you frequently use your social media accounts to sign up for other accounts, such as “Sign in with Facebook,” unlink them. 

Should your Facebook account be hacked, the hacker might be able to access every other account you’ve given access permissions to.

Revoke access to third-party apps from each app that your social media is linked to. 

9. Secure your Wi-Fi network and avoid public Wi-Fi

Your home or office Wi-Fi may also be compromised, giving hackers easy access to connected devices. 

Some warning signs that your Wi-Fi has been hacked include “Slow Internet service, changed login credentials, and seeing unrecognized connected devices”.

If that’s the case, perform a full router reset, change your password, and disable remote access or administration.

10. Wipe devices clean and reinstall the operating system

Even after installing antivirus software, some deeply rooted malware may persist on your device.

If you still experience signs of the hack after taking the above steps, consider doing a whole system wipe and reinstalling your OS.

Each OS has specific steps to erase and reinstall the system.

Here’s how you can reset an iOS 15 or later:

First, go to Settings > General > Transfer or Reset iPhone.

Here, you can either prepare your content and settings to transfer to a new phone or erase all data from your iPhone. Choose the latter.

Another method is to connect your iPhone to a Mac or Windows PC using a USB or USB-C cable.

On a macOS 10.15 or later, open a Finder window, click on the iPhone button below locations in the Finder sidebar, and click General at the top. Then, click Restore iPhone.

If you’re on a Windows PC or an earlier macOS version, simply install the latest iTunes version. Open iTunes, click on the iPhone button close to the top left of the iTunes window, and click Summary. Then click Restore iPhone.

On an Android 7 or Later phone:

Go to Settings > Backup and Reset > Factory Data Reset > Reset Device > Erase Everything.

On a Mac:

Click here for information on how to erase your Mac and return it to factory settings.

On PC:

Click here to reset your PC to factory settings.

11. Notify your friends to stay safe

As mentioned earlier, a hack on you might be used to target your friends, family members, or co-workers.

It’s important to notify everyone you know or share sensitive information with that your account was compromised.

This will help them fortify their protection so they don’t become victims.

If you are a parent, hackers might also target your kids, especially teenagers and young adults.

Since children are more likely to become fraud victims, hackers may use various phishing or social engineering tactics to induce them to reveal sensitive information.

Train your kids on the importance of not sharing sensitive information on social media. If you can, enable parental controls on their devices to monitor the accounts they use and who they chat with.

12. Monitor your credit and banking accounts

Keep an eye on your credit and banking accounts for the next few months for suspicious activity. Consider getting a free credit report from each major credit bureau – Equifax, Experian, and TransUnion at AnnualCreditReport.com.

13. Subscribe to an identity protection service

We all have busy lives.

Sometimes, actively monitoring our online accounts puts more strain on an already full schedule.

In such cases, you should consider subscribing to identity protection services.

For a monthly fee between $10 to $50, you can protect yourself and your family from identity theft or hacking incidents.

Services like IDShield, IdentityForce, and Aura will notify you when your identity or personal information is used, making it easy to flag hacking incidents. 

Some of these services also have a leaked password feature that notifies you when your password has been leaked. In addition, if your login credentials or ID cards are ever listed for sale on the dark web, monitoring features may notify you.

Home Security Heroes will help you to compare a variety of the best Identity theft protection services and weigh your options.


In most cases, unexpected changes to a device, social media account, bank account, or email indicate that you’ve been hacked.

Don’t be part of the 56 percent of Americans who are unsure what to do after a hack.

Taking action immediately when you notice these signs can make a difference. 

Hackers are increasingly creative and have access to sophisticated tools and no one can guarantee 100 percent safety.

However, proper cyber hygiene can go a long way. 

This includes creating strong and unique passwords and enabling 2FA, installing antivirus and firewall software, freezing your credit, using an ID protection service, and not clicking suspicious links or downloading email attachments. 

Remember to protect yourself from old-school tactics like shoulder surfing… When unlocking your phone or logging into sensitive accounts, pay attention to your surroundings.

When entering passwords or PINs, check behind you to ensure no one is looking over your shoulder. 

It’s also strongly recommended you log into your device and accounts using biometric authentication when in public. 

All is not lost if you’re hacked. 

There are ways that you can recover and bounce back. You’ll be wiser and know better after such an experience. Get identity theft protection for peace of mind, and you’ll be back enjoying the Internet and all the good things it has to offer soon enough!