An account compromise occurs when someone illegally accesses your email, social media, online banking, or other personal accounts. This can happen through methods like phishing, using the same password on different sites, or a data breach.
It is crucial to take immediate action to regain access and safeguard your sensitive information.
Follow these steps below if you believe your online account has been compromised.
Change your password immediately
If you still have access to the account:
- Change your password right away
- Choose a strong, unique password that you haven’t used elsewhere
- Log out of all other session
If you can’t log in:
- Use the account’s “Forgot Password” or account recovery process.
Enable multi-factor authentication
If MFA is not already turned on, turn it on immediately. MFA adds an extra layer of security making it harder for attackers to access your account.
What is multi-factor authentication (MFA)?
Review account activity
Once you have secured access to your account:
- Check for any unauthorized changes or activity (sent messages, new linked devices, transactions, etc…)
- Remove access from unknown apps, devices or connected services
Report the incident
Depending on the type of account, report the account compromise to the account service provider e.g. Google, Facebook, TikTok.
Additionally, report the incident to PNG NCSC.