What to do if your account or device has been compromised

If you think your account may have been hacked or that you may be the victim of a scam check for the following warning signs:

• You are signed out of your online accounts such as banking, social media and email or you try to log in and your passwords no longer work
• You receive emails or text messages about login attempts, password resets or multi-factor authentication requests you didn’t initiate
• Your account activity or sign-in logs might have logins from devices and locations that you don’t recognise
• You might receive spam emails that threaten or try to extort you
• Friends and family advise they’ve received strange messages from your email and social media accounts
• Devices slow down, heat up or start to crash more often
• Suspicious charges on your credit card or bank statements.

If your account or device has indeed been compromised, you need to take action immediately. Hackers know they have a limited amount of time to take advantage of their newfound access to your account, so it is imperative to follow the steps below and act quickly once you realise your account has been compromised.

Report the cyber concern

Visit the Stay Cyber Safe webpage and click on ‘Report a cyber concern’. Complete the short form, this is sent directly to the UQ Cyber Security Operations Centre (CSOC). Do not worry if your concern turns out to be false, CSOC would prefer hundreds of false concerns, rather than missing a real attack.

Use the Phish Alert Button

To report a suspicious email from your work account, use the Phish Alert button in Outlook. If you use another email client, follow the instructions on how to report a suspicious email.

Immediately change your passwords

Antivirus software check

Run a scan using your antivirus software and follow any instructions if issues are detected.

Assess the situation

Check your other accounts for unusual activity to ascertain how widespread the attack has been, particularly for accounts that use the same password as the one that was infiltrated. Thoroughly check bank accounts and credit card statements for unauthorised charges and unusual activity as well as social media.

Contact your bank if necessary

If you notice unauthorised transactions on any of your bank accounts and credit cards, advise the bank or credit provider immediately to dispute the transactions and place a hold on your accounts.

Set up multi-factor authentication on your accounts

Multi-factor authentication (MFA) provides an additional layer of protection to your accounts. A second approval method is required in addition to your password, such as a PIN, text, or facial recognition verification.

Contact those who can help

IDCARE is an identity and cyber support service for individuals and organisations who have had their identity details compromised. The service provides advice on how to respond to scams, identity theft and cyber security concerns. Details of how to get in touch with the organisation is on their website.

If you have suffered financial loss due to unauthorised transactions being processed through your bank accounts or credit cards, your bank will also be able to assist with recovering funds.  

Record and Report

Keep a record of the incident including details of what happened and when it occurred, what may have led to the incident and how you responded. If someone has shared or threatened to share intimate images of you, report the incident to the Office of the eSafety Commissioner and seek their advice.

You can report scams to Scamwatch and you can visit ReportCyber to determine if the incident should be reported to the ACSC.

Monitor your accounts closely

Keep a close eye on your accounts for the next month and advise friends on social media to be on the lookout for suspicious activity as well.

The National Cybersecurity Alliance: How to tell if your computer has a virus and what to do about it.