Don’t stop here! Important next steps:
Whether your device is still lost or you have it back, complete the following steps:
- Step 1: Think about what you used this device for – is there sensitive information on this device, such as your contacts, location or the content of your messages? Can this data be problematic for someone?
- Step 2: Inform your network. Inform the key and high-risk contacts you work with privately. If you feel comfortable doing so, post a list of potentially compromised accounts on your website or a social media account.
- Step 3: Do you use the same password on other accounts or devices? If so, perform this process on those accounts. They may also be compromised.
- Step 4: If possible, review the connection history/account activity of all accounts connected to the device (available feature on Facebook, Gmail and other email providers). Check to see if your account was used at a time when you were not online or if your account was accessed from an unfamiliar location or IP address. See the Account Hijacking section for further details.
- Step 5: Check the account settings of all accounts connected to the device. Have they been changed? For email accounts, check for auto-forwards, possible changes to the backup/reset email address of phone numbers, synchronization to different devices, including phones, computers or tablets, and permissions to applications or other account permissions.
- Step 6: Repeat the review of the connection history/account activity – at least once a week for a month – to ensure that your account does not continue to show strange activity. If the history/account activities continue to show strange activity, proceed to the malware section.