It can feel embarrassing to be the victim of a crime but, remember: It’s so, so common.
Your family has a plan in case of a fire. You might have one for earthquakes, or other natural disasters. And, these days, it’s a good idea to also have a plan for what you’re going to do if you’ve been hacked.
Because, believe it or not, it’s much more likely that you or a loved one will be the victim of a data breach, phishing attack, romance scam, or one of the many other cyber crimes that we colloquially call “hacks” these days. According to the FBI’s 2021 Internet Crime Report, there were nearly 850,000 filed complaints of “hacks” in 2021, for a total of nearly $7 billion lost. In comparison, there were about 338,000 home structure fires that same year.
Yikes! With that in mind, we wanted to provide you with a short and sweet emergency plan for what to do if you (or a loved one) have been hacked. Print it out, pin it next to your computer, place it on the fridge, or file it away somewhere handy to ensure that if you’re a victim of a cyber crime, you know what to do.
The first move after being a victim of a cyber crime is to change your passwords. Start with the service that was immediately affected, then branch out to other sites, apps, or services where you’ve used that same password. If you still have some steam, continue on to other accounts and change those passwords as well.
One tool that really helps with creating, remembering, and changing secure passwords is a password manager. Download one and start using it ASAP.
While you’re in there changing passwords, be sure to enable two-factor authentication (TFA), if it’s available. TFA requires that you input not only your password but also another authenticating factor (like a code that’s been texted to you) in order to access an account. This adds another layer of security onto your accounts, because the cyber criminals who got ahold of your password likely don’t have access to your text or email, making it impossible for them to log in again.
When any account has been compromised, it’s possible that your bank (and other financial institutions) accounts might be compromised. Contact your bank ASAP to let them know what happened and that they should be on the lookout for any suspicious activity.
It can feel embarrassing to be the victim of a crime but, remember: It’s so, so common. Letting your friends and family know what happened to you not only helps them be aware of similar scams themselves, but also alerts them that they need to be on the lookout in case they receive a weird message from “you.”
It can be difficult to prosecute cyber crimes after they’ve happened, but letting the FTC know what happened helps them prevent more crimes in the future.
Take our cyber awareness quiz and learn how you can navigate discussions with your family around the complexities of technology and digital threats. What's more, download our online safety checklist (PDF) for a quick guide to better online safety.
Here’s a comprehensive guide to IRS scam calls, including how to recognize them and how to protect yourself.
One type of phishing scam that tends to occur during tax season is the W-2 scam, in which hackers pretend to be company executives and request employee W-2 forms. Here's how to stay safe.