What to Do if You Get Hacked

There are lots of fun and interesting things you can do on the internet. And it can be a great way to stay in touch with friends. As we are carrying out more and more of our lives online it's important to understand how to protect your information and stay safe online.

It’s not always easy to know what is safe and what is not online, DigiKnow has loads of information on digital safety to help you navigate the online world, along with help if you want to get into a career in cyber and fun digital games and competitions. However, sometimes, we might be victim to a hack. Read on to find out what you should do if your accounts have been hacked...

A hand on a keyboard

What is hacking?

Hacking is when someone breaks into a computer system. They usually do this by targeting people using email and website scams or malware, a software that can damage your device or let a hacker in.

From banking to shopping, and streaming to social media, people are spending more time than ever online. This means more opportunities for hackers to carry out cyber-attacks.

If hackers get into your device or accounts, they could access your money and personal information and you could become a victim of identity theft or identity fraud. Identity theft is when your personal details are stolen and identity fraud is when those details are used to commit fraud. 

Identity theft happens when hackers can gather enough information about someone’s identity, like their name, date of birth, current or previous addresses and use this to carry out identity fraud. If you’re a victim of identity theft, it can have a direct affect on anything from your social media and email accounts to your personal finances, and could also make it difficult for you to get things like loans, credit cards or a mortgage until the problem is resolved.

Identity fraud is when the hackers who have stolen your identity use it in criminal activity to get products or services while lying about their identity.  This can be really serious, hackers can use your identity details to open bank accounts, get credit cards, order products in your name, take over existing accounts and take out mobile phone contracts. Hackers could even get genuine documents such as passports and driving licenses in your name once they have stolen your identity. The act of stealing an person’s identity details is not identity fraud, but using that identity for any of the activities listed does.

Often the first sign that you have been a victim of identity theft or identity fraud may be when you receive bills for things you haven’t ordered or when you receive letters from debt collectors for debts that aren’t yours. This is why its so important to take actions to protect yourself from getting hacked in the first place.

Image of a phone with a shield

How to protect yourself from hackers

Keep your passwords safe

If a hacker gets into your email, they could reset your other account passwords and access information you have saved about yourself or your business. Your email password should be strong and different to all your other passwords. This will make it harder to crack or guess.

Think before you post

Are you ok with uploading or sharing something your parents, carers, teachers, or future employers might see? Once you post something, you lose control of it, especially if someone else screenshots or shares it. Keep things like your address, phone number, full name, school and date of birth private, and check what people can see in your privacy settings. Remember that people can use small clues like a school logo in a photo to find out a lot about you.

We have information on how to stay safe and update your privacy settings on Facebook, Instagram, TikTok, Snapchat and Twitter, so you can decide who is able to view what you post.

Have a listen to our Young Scotcast here or by pressing play below and hear Capital's Katy J finding out just how much information Declan Doyle, Head of Ethical Hacking at the Scottish Business Resilience Centre, can find about her online.

Be careful when using public devices and wi-fi networks

Lots of websites will keep you logged in, even after you close them. If someone else has access to the phone or device you’re using then they might be able to log into your account. If you’re using someone else’s device or someone else might have access to yours, make sure you log out of any websites or apps when you’re finished, don’t save any passwords or log-in information, and clear your internet history.

Public Wi-Fi networks can be found in public places like airports, coffee shops, restaurants, and hotels — and it allows you to access the internet for free. These networks are so common that people connect to them without thinking twice. Although it sounds harmless to log on and check your social media account or emails, everyday activities that require a login — like reading an email or checking your bank account could be risky on public Wi-Fi. The problem with public Wi-Fi is that there are a large number of risks that go along with these networks because the chances are the security on these networks is low.

Updating devices

Out-of-date software, apps, and operating systems contain weaknesses which makes them easier to hack. Companies fix the weaknesses by releasing updates, so when you update your devices and software, this helps to keep hackers out. Turn on automatic updates for your devices and software that offer it, this means you do not have to remember each time, but some devices and software need to be updated manually. You may get reminders on your phone or computer so don't ignore these reminders as updating will help to keep you safe online.

Back up your data

Backing up means creating a copy of your information and saving it to another device or to cloud storage (online). Backing up regularly means you will always have a recent version of your information saved. This will help you recover quicker if your data is lost or stolen. You can also turn on automatic backup which will regularly save your information into cloud storage, without you having to remember. If you back up your information to a USB stick or an external hard drive, disconnect it from your computer when a back up isn’t being done.

Watch out for phishing and scams

Phishing is when someone tries to trick you into giving them information, like your password. Someone might also try to trick you by saying they can make you famous or that they’re from a talent agency. Never click links from emails or messages that ask you to log in or share your details, even if you think they might be genuine. If you’re asked to log into a website, go to the app or site directly instead.

Image of laptops with various images on screens

Have you been hacked?

Here are some tips on how to notice if you've been hacked.

  • Your contacts are receiving messages not sent by you. If your contacts are receiving messages which appear to be from you but are not is a sign that you have a digital security issue.
  • Your online password stops working. If you are visiting a website that you use regularly you will know the password you need to enter. You might accidentally press the wrong key or misspell the password but the chances of doing this a few times seems unlikely. Once you know that the password is not working, you should consider the possibility that you have been hacked.
  • Slow computer performance. If your device is suddenly working slowly or unpredictably it may mean that a virus has infected it. Spyware, a malicious type of software, can track your online activity, tamper with your files, and even steal your private information.
  • Watch out for ransomware. Ransomware can enter your system through emails, and you allow it to do so when you click on an attachment from an unknown sender. Ransomware can lock your files and make them inaccessible.
Image of a computer with a virus protection image on the screen

What to do if you have been hacked

If you think you’ve been hacked and are not sure what to do, speak to a parent, carer or teacher than you trust. We’ve put a list below of other actions you should take straight away.

  1. Change your passwords - This is the first thing you must do to make sure that the hacker can’t get back into your account. Your new password must be complex and unrelated to previous passwords. Remember using 3 random words is a good way to create a strong, unique password that you will remember.
  2. Reach out to your email contacts immediately - Send a message to all of your email contacts as soon as possible to let them know they should avoid opening any emails that have come from you.
  3. Change your security questions - If you have security questions associated with your email account, be sure to change them too.
  4. Enable Multi-Factor Authentication - Multi-factor authentication adds another layer of protection. Enabling this will mean that in addition to your password, you will need a unique one-time use code to log in.
  5. Scan your computer for malware and viruses - This is an important step. Comprehensive security software will provide you with a digital shield for your online life.
  6. Change any other accounts with the same password - This is time-consuming but a worthwhile effort. Make sure that you change any other accounts that use the same username and password as your compromised email. Hackers love when we use the same logins for multiple accounts.

Citizen's Advice have an online scams helper to get advice that’s specific to your situation.

Find out more about staying safe online at the Digi Know page.