T2021_14 How to Recover from a Hacked Account (11th August 2021)

Being unable to access your online account for whichever service it's for, it's a clear indication that something has gone wrong. This can be, observing login receipt from strange locations, unusual login times or changes to your security settings and messages sent from your account that you don’t recognize are also an indication.

Once you have suspected your account has been hacked, there are several steps one must follow to help recover and secure their account.

Steps to recover from a hacked account.

  • Update your devices – your operating system and apps on your ICT (Information Communication Technology) devices should be updated. These updates will install the latest security fixes.
  • Contact your provider – if you cant access your account, contact your provider immediately and indicate what you have observed when trying to access your account. You will be advised to populate your info on the support/help page from the provider website, whereby, you will receive a detailed recovery process.
  • If your email account was hacked – once you have salvage authority of your account, check your email filters and forwarding rules. It is a common trick for the person hacking your account to set up email forwarding rules that send a copy of all your received emails to them.
  • Change passwords – after completing the steps in the above (If your email account was hacked) changed your password on all accounts and use independent passwords for each account.
  • Set up Authentication principle – Use MFA (Multi-Factor Authentication) over 2FA (Two Factor Authentication) once your account provides this kind of security service. This helps to provide an extra layer of protection against your account being hacked.
  • Notify your contacts – notify your contacts by all forms of communication medium informing them of your ordeal, this will help to prevent them as well from being hacked. This process should be following through regardless if you managed to restore your account or not.
  • If your cant recovers from your account – create a new account and notify your contacts immediately why you are using a new contact. As well as using your new account for your various domestic or professional online services.
  • Contact the CIRT – if you feel your email account has been compromised, notify the CIRT within your country about the incident.

The Guyana National CIRT recommends that users and administrators review these recommendations and implement them where necessary.

PDF Download: How to Recover from a Hacked Account.pdf

References

  • Tips on how to recover from a hacked account (17th December 2018). Retrieved from UK National Cyber Security Centre.

          https://www.ncsc.gov.uk/guidance/recovering-a-hacked-account

  • Tips on how to recover from a hacked account (May 2021). Retrieved from Federal Trade Commission Consumer Information.

          https://www.consumer.ftc.gov/articles/how-recover-your-hacked-email-or-social-media-account