First steps to mitigate the problem:
If you still have access to the account
Move to a different computer – one that you consider to be safe or uncompromised. Log in and change the password on your account. Then move to the following steps:
- Step 1: Stop using this account for the exchange of sensitive information until you better understand the situation.
- Step 2: If possible, review the connection history/account activity (an available feature for Facebook, Gmail and other email platforms). Check to see if your account was used at a time when you were not online or if your account was accessed from an unfamiliar location or IP address.
- Step 3: Take a look at the account settings. Have they been changed? For email accounts, check for auto-forwards in email, possible changes to the backup/reset email address of phone numbers, synchronization to different devices, including phones, computers or tablets, permissions to applications or other account permissions.
- Step 4: Change the passwords for all your other online accounts that are linked to this one. For example, if you are looking at an email account and it is the recovery address for another account, change the password for that account.
- Step 5: Don’t stop here! Follow the important next steps below
If you no longer have access to the account:
Follow the recovery procedures of the different providers. Note that different services have different ways to reset the password on your account. Some will send you a link to change your password using your recovery email address, while others reset it to your last password. In the reset case it is important to change your password immediately after regaining access to your account. If these steps do not work and your account is being abused, contact one of the organizations listed above for possible support in shutting the account down.