Living in the digital age, it’s all too common to find out your accounts have been compromised.
If it hasn’t happened to you, you likely know someone who has—whether it be Facebook, email, digital banking, or really any other online account with a login. Luckily, there are ways to mitigate the damage while jump-starting your recovery process. If you find or suspect any fraudulent activity, be sure to reach out to your financial institution right away.
Assess the damage
Take a step back and determine how much damage was done. Unfortunately, one compromised password can often be the gateway to multiple affected accounts and even complete identity theft. This is especially true if you use the same password for several accounts or use the compromised account or device for password recovery on other accounts. So, first things first: Access your accounts and look for anything suspicious and review your credit card and account statements.
If a physical device like your phone, laptop, or tablet was affected, consider taking the device to a professional to get checked out. “If someone believes their device has been compromised, it is a good idea to have a computer repair company run diagnostics (preferably in person) on it to see if there are any viruses or malware that have been installed,” said Stephanie Ziegler, Senior Financial Investigations Manager at SELCO. “Do not use that device to update new passwords until it has been looked at.”
Change your passwords
Once you know which accounts or devices have been compromised, change the passwords and/or PINs on these accounts. For an added measure of protection, it’s a good idea to change the passwords on all your accounts that may hold sensitive information. Remember to choose strong, unique passwords for every account (a password manager makes this simpler). While completing this step, consider opting in to push authentication or an authenticator app of your choice for any accounts that don’t already have it in place. And, perhaps most importantly, never share your account logins and PINs with anyone.
Protect your credit
Now that you’ve secured your accounts, it’s time for damage control. First, dispute any fraudulent charges on your compromised account(s), if applicable. If necessary, have the accounts locked, or even closed. Next, place a fraud alert on your credit reports. This serves as a red flag to potential lenders and creditors, making it more difficult for the scammer to open new lines of credit or take out a loan in your name. Consider a credit freeze, as well. This blocks all potential lenders from accessing your credit report, making it impossible for the hacker to open new credit accounts in your name. If you opt for a credit freeze, it will generally lapse after 90 days.
Spread the word
Report a possible or confirmed identity theft to the Federal Trade Commission (FTC) at identitytheft.gov. You’ll also find a detailed recovery plan on the site to help you repair your credit and reclaim your identity. In extreme cases, you can file a complaint with the FBI’s Internet Crime Complaint Center. It’s also a good idea to notify family or friends.
“This would pertain primarily to email or social media, but a compromised account can be used to spread fraudulent links, send fictitious requests for money, or even damage your relationships or reputation,” Ziegler said.
Proceed with caution
It’s important to keep a close eye on your accounts. Look out for suspicious activity on all accounts, including charges you don’t recall making, large withdrawals of cash, and even new loans being opened in your name. For many accounts, you can track and review login activity and turn on login notifications. If your identity was stolen, it’s best to follow the recovery plan outlined by the FTC. This plan may include replacing your Social Security number, driver’s license, and more.
Taking immediate and decisive action can help mitigate the damage and speed up the recovery process. And remember, we’re here to help if your SELCO accounts are ever compromised.
