Steps to Take If …

(Source: Federal Trade Commission)
  1. What Does It Mean to Be Hacked?

    You get a flood of messages from friends and family. They’re getting emails from you with seemingly random links, or messages with urgent pleas to wire you money. It looks like your email or social media account might have been taken over. What do you do? For starters, make sure your security protections are up-to-date, reset your password, and warn your friends.

  2. How You Know You’ve Been Hacked

    You might have been hacked if:

    • friends and family are getting emails or messages you didn’t send
    • your Sent messages folder has messages you didn’t send, or it has been emptied
    • your social media accounts have posts you didn’t make
    • you can’t log into your email or social media account

    In the case of emails with random links, it’s possible your email address was “spoofed,” or faked, and hackers don’t actually have access to your account. But you’ll want to take action, just in case.

  3. What To Do When You’ve Been Hacked
    1. Update your system and delete any malware

      Make sure your security software is up-to-date

      If you don’t have security software, get it. But install security software only from reputable, well-known companies. Then, run it to scan your computer for viruses and spyware (aka malware). Delete any suspicious software and restart your computer.

      Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically

      Software developers often release updates to patch security vulnerabilities. Keep your security software, your internet browser, and your operating system up-to-date to help your computer keep pace with the latest hack attacks.

    2. Change your passwords

      That’s IF you’re able to log into your email or social networking account. Someone may have gotten your old password and changed it. If you use similar passwords for other accounts, change them, too. Make sure you create strong passwords that will be hard to guess.

    3. Check the advice your email provider or social networking site has about restoring your account

      You can find helpful advice specific to the service. If your account has been taken over, you might need to fill out forms to prove it’s really you trying to get back into your account.

    4. Check your account settings

      Once you’re back in your account, make sure your signature and “away” message don’t contain unfamiliar links, and that messages aren’t being forwarded to someone else’s address. On your social networking service, look for changes to the account since you last logged in — say, a new “friend.”

    5. Tell your friends

      A quick email letting your friends know they might have gotten a malicious link or a fake plea for help can keep them from sending money they won’t get back or installing malware on their computers. Put your friends’ email addresses in the Bcc line to keep them confidential. You could copy and send this article, too.

  4. What To Do Before You’re Hacked
    1. Use unique passwords for important sites, like your bank and email

      That way, someone who knows one of your passwords won’t suddenly have access to all your important accounts. Choose strong passwords that are harder to crack. Some people find password managers — software that stores and remembers your passwords for you — a helpful way to keep things straight. If you use a password manager, make sure to select a unique, strong password for it, too. Many password managers will let you know whether the master password you’ve created is strong enough.

    2. Safeguard your usernames and passwords

      Think twice when you’re asked to enter credentials like usernames and passwords. Never provide them in response to an email. If the email or text seems to be from your bank, for example, visit the bank website directly rather than clicking on any links or calling any numbers in the message. Scammers impersonate well-known businesses to trick people into giving out personal information.

    3. Turn on two-factor authentication if your service provider offers it

      A number of online services offer “two-factor authentication,” where getting into your account requires a password plus something else — say, a code sent to your smartphone — to prove it’s really you.

    4. Don’t click on links or open attachments in emails unless you know who sent them and what they are

      That link or attachment could install malware on your computer. Also do your part: don’t forward random links.

    5. Download free software only from sites you know and trust

      If you’re not sure who to trust, do some research before you download any software. Free games, file-sharing programs, and customized toolbars also could contain malware.

    6. Don’t treat public computers like your personal computer

      If it’s not your computer, don’t let a web browser remember your passwords, and make sure to log out of any accounts when you’re done. In fact, if you can help it, don’t access personal accounts — like email, or especially bank accounts — on public computers at all. (Also be careful any time you use public Wi-Fi.)

(Source: Federal Trade Commission)
  1. What is Identity Theft?

    Identity theft is when someone steals your personal information and uses it without your permission. It’s a serious crime that can wreak havoc with your finances, credit history, and reputation — and can take time, money, and patience to resolve.

  2. What to Do Right Away
    Immediate Steps to Repair Identity Theft

    Here’s how to begin to limit the harm from identity theft.

  3. What to Do Next
    Extended Fraud Alerts and Credit Freezes

    Placing both extended fraud alerts and credit freezes on your credit reports can make it more difficult for an identity thief to open new accounts in your name.

    Repairing Your Credit After Identity Theft

    Here are step-by-step instructions for disputing fraudulent charges and accounts related to identity theft.

    Lost or Stolen Credit, ATM and Debit Cards

    Federal law limits your liability if your credit, ATM or debit card is lost or stolen, but your liability may depend on how quickly you report the loss or theft.

  4. Specific Types of Identity Theft
    Tax-Related Identity Theft

    Do you know the warning signs that an identity thief is using your Social Security number?

    Child Identity Theft

    Here’s how to protect your child’s personal information against theft.

    Medical Identity Theft

    An identity thief can use your personal information to get medical care or services. Find out how to respond.

  5. Protecting Your Identity
    Signs of Identity Theft

    If identity thieves have your personal information, they can drain your bank account, run up charges on your credit cards, open new utility accounts, or get medical treatment on your health insurance. Here’s how to act quickly to limit the damage.

    How to Keep Your Personal Information Secure

    Safeguard your personal information, whether it is on paper, online, or on your computers and mobile devices.

    If someone makes unauthorized transactions with your debit card number, but your card is not lost, you are not liable for those transactions if you report them within 60 days of your statement being sent to you.

  6. Sample Letters and Forms
    Sample Letters and Forms for Victims of Identity Theft

    Use these samples to help write your own letters to limit damage caused by identity theft.

(Source: Federal Trade Commission)
  1. Report Loss or Theft Immediately

    Acting fast limits your liability for charges you didn’t authorize. Report the loss or theft of your card to the card issuer as quickly as possible. [Note: if contact information for a particular issuer cannot be found, one recommended option is to contact the network associated with the card (i.e., Visa, MasterCard, American Express or Discover).] Once you report the loss of your ATM or debit card, federal law says you cannot be held liable for unauthorized transfers that occur after that time.

    • Follow up with a letter or email. Include your account number, the date and time when you noticed your card was missing, and when you first reported the loss.
    • Check your card statement carefully for transactions you didn’t make. Report these transactions to the card issuer as quickly as possible. Be sure to send the letter to the address provided for billing errors.
    • Check if your homeowners or renter’s insurance policy covers your liability for card thefts. If not, some insurance companies will allow you to change your policy to include this protection.
  2. How to Report Fraudulent Transactions
    • Contact your ATM or debit card issuer.
      • Report the fraudulent transaction. Act as soon as you discover a withdrawal or purchase you didn’t make.
    • Write a follow-up letter to confirm that you reported the problem.
      • Keep a copy of your letter.
      • Send it by certified mail and ask for a return receipt.
    • Update your files.
      • Record the dates you made calls or sent letters.
      • Keep copies of letters in your files.
  3. How to Limit Your Losses

    The Fair Credit Billing Act (FCBA) and the Electronic Fund Transfer Act (EFTA) offer protection if your credit, ATM or debit cards are lost or stolen.

    Credit Card Loss or Fraudulent Charges

    Under the FCBA, your liability for unauthorized use of your credit card tops out at $50. However, if you report the loss before your credit card is used, the FCBA says you are not responsible for any charges you didn’t authorize. If your credit card number is stolen, but not the card, you are not liable for unauthorized use.

    ATM or Debit Card Loss or Fraudulent Transfers.

    If you report an ATM or debit card missing before someone uses it, the EFTA says you are not responsible for any unauthorized transactions. If someone uses your ATM or debit card before you report it lost or stolen, your liability depends on how quickly you report it:

    If you report: Your maximum loss:
    Before any unauthorized charges are made. $0
    Within 2 business days after you learn about the loss or theft. $50
    More than 2 business days after you learn about the loss or theft, but less than 60 calendar days after your statement is sent to you. $500
    More than 60 calendar days after your statement is sent to you. All the money taken from your ATM/debit card account, and possibly more; for example, money in accounts linked to your debit account.

    If someone makes unauthorized transactions with your debit card number, but your card is not lost, you are not liable for those transactions if you report them within 60 days of your statement being sent to you.

  4. How to Protect Your Cards and Account Information
    For Credit and ATM or Debit Cards
    • Don’t disclose your account number over the phone unless you initiate the call.
    • Guard your account information. Never leave it out in the open or write it on an envelope.
    • Draw a line through blank spaces on charge or debit slips above the total so the amount can’t be changed.
    • Don’t sign a blank charge or debit slip.
    • Tear up copies and save your receipts to check against your monthly statements.
    • Cut up old cards — cutting through the account number — before you throw them away.
    • Open your monthly statements promptly and compare them to your receipts. Report mistakes or discrepancies as soon as possible.
    • Carry only the cards you'll need.
    For Credit and ATM or Debit Cards
    • Don't carry your PIN in your wallet, purse, or pocket — or write it on your ATM or debit card. Commit it to memory.
    • Never write your PIN on the outside of a deposit slip, an envelope, or other papers that could be lost or looked at.
    • Carefully check your ATM or debit card transactions; the funds for this item will be quickly transferred out of your checking or other deposit account.
    • Periodically check your account activity, especially if you bank online. Compare the current balance and transactions on your statement to those you've recorded. Report any discrepancies to your card issuer immediately.

About Help! I've Been Hacked

Help! I've Been Hacked is a free online directory of links and telephone numbers for people who have been victimized by hacking, fraud, identity theft, or credit/debit card theft. It follows in the footsteps of Cord Cutter Central, which began as a personal project to find online television and video programming sites more quickly and easily than through the traditional approaches and evolved into something more. It is a work-in-progress, so if you have any suggestions about other features or additional institutions and providers that should be included, feel free to drop me a line using the contact form below (note: your email address and other information will not be shared with anyone else).

(*Required fields)