What To Do If One of Your Accounts Gets Hacked: A Calm Step-by-Step Guide
If your email, Facebook, bank, or shopping account gets hacked, it is easy to panic. Start here: secure the account, remove the intruder, protect your money, and warn your contacts.
Finding out that one of your accounts may have been hacked is stressful. You may see a strange login alert, messages you did not send, purchases you did not make, or a password that suddenly no longer works.
Take a breath. The most important thing is to act in the right order. This guide walks you through what to do first, what to check next, and when to ask for help.
First: know the warning signs
An account may be hacked if you notice any of these:
- Friends or family receive messages from you that you did not send
- You get a login alert from a place or device you do not recognize
- Your password stops working
- Your recovery phone number or email address has been changed
- Emails are missing, deleted, or showing as read when you did not read them
- Your account is posting, buying, or sending things without you
- You see unfamiliar payment methods, orders, or subscriptions
If any of those happen, assume someone else may have access until you prove otherwise.
Step 1: Use a safe device
If possible, do the recovery steps from a device you trust — your own phone, tablet, or computer. Avoid using a public computer at a library, hotel, or shared office.
If the computer you use for the hacked account shows strange pop-ups or fake virus warnings, or if someone recently connected to it remotely, use your phone or another trusted device instead.
Step 2: Change the password immediately
If you can still sign in, change the password right away.
Use a password you have never used anywhere else. A good password is long, unique, and hard to guess. For example, a phrase with several words is usually easier to remember and harder to break than a short complicated password.
Do not reuse the same password from another account. If the old password was used anywhere else, change it there too.
Step 3: Turn on two-factor authentication
Two-factor authentication, sometimes called 2FA or MFA, adds a second check when someone tries to sign in. It might send a code to your phone, ask you to approve a sign-in, or use an authenticator app.
Turn it on anywhere it is available, especially for:
- Email accounts
- Bank and credit card accounts
- Facebook and other social media
- Amazon and shopping accounts
- Apple, Google, and Microsoft accounts
This one step can stop many hackers even if they know your password.
Step 4: Sign out of other devices
Most major accounts have a place in settings where you can see devices that are signed in. Look for names like Devices, Sessions, Security activity, or Where you're logged in.
Remove or sign out of anything you do not recognize. If there is a button that says Sign out of all devices, use it after you change the password.
Step 5: Check your recovery information
Hackers often try to change the backup email address, phone number, or security questions so they can get back in later.
Check these settings carefully:
- Recovery email address
- Recovery phone number
- Backup codes
- Security questions
- Trusted devices
If you see anything unfamiliar, remove it and replace it with information you control.
Step 6: If it was your email, check forwarding rules
Email is especially important because it is often the key to your other accounts. If someone controls your email, they may be able to reset passwords for your bank, shopping, social media, and medical accounts.
After changing your email password, check your email settings for:
- Automatic forwarding to an address you do not recognize
- Filters or rules that hide certain emails
- Blocked senders you did not add
- A changed signature or automatic reply
Remove anything suspicious. Hackers sometimes create rules that quietly hide password reset emails or bank alerts.
Step 7: Check money-related accounts
If the hacked account connects to money, check it closely.
- Look for unfamiliar purchases, transfers, subscriptions, or saved cards
- Check your bank and credit card accounts for recent charges
- Call your bank or card company using the number on the back of your card if anything looks wrong
- Remove payment methods from accounts you do not trust
If someone stole money, contact the bank or credit card company right away. The sooner you report it, the better your chances of limiting the damage.
Step 8: Warn your contacts
If your email, Facebook, or messaging account was used to contact other people, tell your friends and family.
You can send a simple message like:
My account was hacked. Please do not click any links or respond to any messages that looked like they came from me recently. I am securing the account now.
This matters because scammers often use a hacked account to trick trusted contacts next.
Step 9: If you cannot sign in, use the official recovery page
If the hacker changed your password and locked you out, go directly to the official recovery page for that service. Do not search randomly and click sponsored results. Type the company name and “account recovery” carefully, or use these official starting points:
- Google account recovery and hacked account help
- Microsoft hacked account recovery
- Facebook hacked account help
- Apple Account support
Only use the official website or app. Be careful of anyone who says they can “recover” your account for a fee. Recovery scammers often target people who are already upset.
Step 10: Check the device for malware
If you think someone got your password because of a fake pop-up, suspicious download, or remote support scam, update and scan the device.
- Install all phone or computer updates
- Run your built-in security scan, such as Windows Security on a Windows computer
- Delete apps or programs you do not recognize
- If someone remotely controlled your computer, disconnect from the internet and ask a trusted technician for help
Changing the password helps, but if the device is still infected, the thief may be able to steal the new password too.
Step 11: Watch for follow-up scams
After an account is hacked, scammers may try again. They may pretend to be tech support, the bank, the police, or even the company whose account was hacked.
Be suspicious of anyone who:
- Calls you out of the blue about the hack
- Asks for remote access to your computer
- Demands payment by gift card, wire transfer, cryptocurrency, or payment app
- Says they can recover stolen money for a fee
- Pressures you to act immediately and keep it secret
Real companies do not need gift cards to fix your account. Real banks do not ask you to move your money to a “safe account.”
A quick order to remember
- Use a trusted device
- Change the password
- Turn on two-factor authentication
- Sign out of unfamiliar devices
- Check recovery email, phone number, and forwarding rules
- Check bank, card, and shopping activity
- Warn contacts if messages were sent from your account
- Report fraud if money or personal information was stolen
Where to report it
If money was stolen or your personal information was used, report it. These reports help authorities track scam patterns and may help you create a paper trail.
- FTC: ReportFraud.ftc.gov
- Identity theft: IdentityTheft.gov
- Internet crime: IC3.gov
Most importantly: do not be embarrassed. Good people get hacked every day. Acting quickly and calmly is what matters.
Sources: FTC guidance on recovering hacked email and social media accounts; FTC guidance on what to do if you were scammed; Google Account Help; Microsoft Support; CISA guidance on multi-factor authentication.