Your Account Was Hacked – Now What? Complete Recovery Guide

You wake up to find you can’t log into your email. Your Facebook is posting spam links. Your Instagram has a new profile picture you didn’t change. Your friends are getting weird messages from "you."

Your account has been hacked.

Panic sets in. What do they have access to? Can you get your account back? How did this happen?

Account recovery can be stressful, confusing, and time-consuming. But if you act fast and follow the right steps, you can regain control and prevent future attacks.

This guide walks you through exactly what to do when—not if—one of your accounts gets compromised.

How to Know If You’ve Been Hacked

Sometimes it’s obvious. Sometimes it’s subtle. Here are the warning signs:

Obvious Signs

  • You can’t log in (password changed)
  • You receive a "password changed" email you didn’t initiate
  • Your account is posting content you didn’t create
  • Your friends tell you they received strange messages from you
  • You see login alerts from unfamiliar locations
  • Money is missing from your bank account
  • Your email is sending spam

Subtle Signs

  • Unfamiliar devices logged into your account
  • Strange apps connected to your account (check Gmail settings or Facebook apps)
  • Your sent folder has emails you didn’t send
  • Settings have changed without your knowledge
  • Unknown email addresses added as recovery options
  • Two-factor authentication suddenly disabled

If you see any of these, assume you’re compromised and act immediately.

Step-by-Step: Recovering a Hacked Account

Time is critical. The faster you act, the less damage the hacker can do.

IMMEDIATE ACTIONS (Do These First)

Action 1: Try to Change Your Password

If you can still log in:

  1. Change your password immediately

    • Go to account settings
    • Change password to something completely new
    • Use a strong, unique password (20+ characters)
    • Don’t reuse old passwords
  2. Enable two-factor authentication if you haven’t already

    • This prevents the hacker from getting back in
    • Use an authenticator app (not SMS if possible)

If you can’t log in (password already changed):

  1. Click "Forgot Password"
  2. Use your recovery email or phone number
  3. Follow the reset link immediately
  4. Change the password before the hacker sees the reset email

Action 2: Check Your Recovery Information

Hackers change recovery emails and phone numbers to lock you out permanently.

Check immediately:

  1. Recovery email addresses
  2. Recovery phone numbers
  3. Security questions

If these have been changed:

  • You need to use the platform’s account recovery process
  • Act fast before the hacker solidifies their control

Action 3: Revoke Access to Suspicious Apps and Devices

Hackers often connect their own apps or stay logged in on their devices.

For Gmail/Google:

  1. myaccount.google.com/security
  2. "Your devices" – Remove unknown devices
  3. "Third-party apps with account access" – Remove suspicious apps

For Facebook:

  1. Settings > Security and Login
  2. "Where you’re logged in" – Remove unknown sessions
  3. "Apps and Websites" – Remove suspicious apps

For Instagram:

  1. Settings > Security
  2. "Login Activity" – Remove unknown locations
  3. "Apps and Websites" – Remove connected apps you don’t recognize

For Apple ID:

  1. appleid.apple.com
  2. Devices – Remove unknown devices
  3. Sign in to iPhone/iPad Settings
  4. Remove devices from the list

Action 4: Alert Your Contacts

If hackers are using your account to message people:

  1. Post a status/story warning friends not to click links from you
  2. Message close friends directly from a secure account
  3. Consider temporarily deactivating the account if you can’t stop the spam

RECOVERING SPECIFIC ACCOUNTS

Different platforms have different recovery processes. Here’s how to handle the major ones:

Gmail/Google Account

If you can’t access your account:

  1. Go to accounts.google.com/signin/v2/recoveryidentifier
  2. Enter your email address
  3. Click "Forgot password?"
  4. Try recovery methods:
    • Recovery email
    • Recovery phone number
    • Security questions
    • Last password you remember
  5. If these don’t work, click "Try another way"
  6. Google will ask security questions about:
    • Account creation date
    • Frequently emailed contacts
    • Security questions
  7. Be as accurate as possible

If you still can’t recover:

  • Fill out Google’s account recovery form
  • Provide as much detail as possible
  • Check the recovery email regularly for Google’s response
  • This process can take days

After recovering:

  1. Change password
  2. Enable 2FA with authenticator app
  3. Review security settings
  4. Check for forwarding rules (Settings > Forwarding and POP/IMAP)
  5. Review filters that might be hiding emails
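Steps 4 and 5 can be checked in bulk. The script below is an added example, not part of the original guide: it reads a Gmail filter export (Settings > Filters and Blocked Addresses > Export) and lists every filter that forwards, deletes or hides mail. The sample export, its addresses and the function name `audit_filters` are constructed for illustration.

```python
import xml.etree.ElementTree as ET
NS = {"atom": "http://www.w3.org/2005/Atom", "apps": "http://schemas.google.com/apps/2006"}
# Filter actions that send mail elsewhere or keep it out of sight.
RISKY = {
    "forwardTo": "forwards matching mail to another address",
    "shouldTrash": "deletes matching mail",
    "shouldArchive": "skips the inbox",
    "shouldMarkAsRead": "marks matching mail as read",
}

# Constructed sample export; every address here is a placeholder.
SAMPLE_EXPORT = """<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
  <entry>
    <apps:property name='from' value='newsletter@shop.example'/>
    <apps:property name='label' value='Shopping'/>
  </entry>
  <entry>
    <apps:property name='hasTheWord' value='password OR security OR verify'/>
    <apps:property name='shouldTrash' value='true'/>
    <apps:property name='shouldMarkAsRead' value='true'/>
  </entry>
  <entry>
    <apps:property name='from' value='bank.example'/>
    <apps:property name='forwardTo' value='collector@unknown.example'/>
    <apps:property name='shouldArchive' value='true'/>
  </entry>
</feed>"""

def audit_filters(xml_text, own_addresses=()):
    # own_addresses: forwarding targets you set up yourself (lowercase); not flagged.
    findings = []
    entries = ET.fromstring(xml_text).findall("atom:entry", NS)
    for number, entry in enumerate(entries, start=1):
        props = {p.get("name"): p.get("value", "")
                 for p in entry.findall("apps:property", NS)}
        reasons = []
        for name, why in RISKY.items():
            value = props.get(name)
            own = name == "forwardTo" and (value or "").lower() in own_addresses
            if value in (None, "false") or own:
                continue
            reasons.append(f"{why} ({value})" if name == "forwardTo" else why)
        if reasons:
            findings.append({"filter": number, "props": props, "reasons": reasons})
    return findings

for f in audit_filters(SAMPLE_EXPORT):  # demo run on the constructed sample
    print(f"Filter {f['filter']}: {'; '.join(f['reasons'])} | {f['props']}")
```

Account-wide forwarding set under Settings > Forwarding and POP/IMAP is not part of the filter export, so step 4 still needs the manual check.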

Facebook Account

If you can log in:

  1. Settings > Security and Login
  2. "Change password"
  3. "Where you’re logged in" – End all other sessions
  4. "Two-factor authentication" – Enable it

If you can’t log in:

  1. Go to facebook.com/hacked
  2. Click "My account is compromised"
  3. Enter email or phone
  4. Follow recovery steps
  5. Select trusted contacts if needed
  6. Reset password

If that doesn’t work:

  1. Go to facebook.com/identify
  2. Prove identity with ID (sometimes required)
  3. This can take days or weeks

After recovering:

  • Review all posts made while hacked (delete them)
  • Check privacy settings
  • Remove suspicious apps
  • Review friend requests sent while hacked

Instagram Account

If you can log in:

  1. Settings > Security
  2. "Password" – Change it
  3. "Login Activity" – Remove suspicious sessions
  4. "Two-Factor Authentication" – Enable it

If you can’t log in:

  1. Click "Forgot password?" on login screen
  2. Use email or SMS to reset
  3. If email was changed: Click "Need more help?"
  4. Instagram will ask you to verify identity
  5. Take a selfie video following their instructions
  6. Wait for Instagram to review (can take days)

After recovering:

  • Delete posts made by hacker
  • Change profile photo if changed
  • Review who you’re following
  • Check for story highlights added by hacker

Apple ID

If you can log in:

  1. appleid.apple.com
  2. Sign In & Security section
  3. Change password
  4. Enable two-factor authentication

If you can’t log in:

  1. iforgot.apple.com
  2. Enter Apple ID email
  3. Choose recovery method:
    • Account recovery (if 2FA enabled)
    • Security questions
    • Email authentication
  4. Follow the process

Account recovery with 2FA can take days:

  • Apple prioritizes security over convenience
  • You’ll receive status updates via email
  • Have patience—this is protecting you

After recovering:

  • Check devices signed in
  • Review purchases
  • Enable "Find My" if not already on
  • Review app-specific passwords

Microsoft/Outlook Account

If you can log in:

  1. account.microsoft.com/security
  2. Change password
  3. Set up two-step verification
  4. Review recent activity

If you can’t log in:

  1. account.live.com/password/reset
  2. Choose recovery method
  3. Complete security verification
  4. Create new password

After recovering:

  • Check forwarding rules
  • Review connected devices
  • Scan your computer for malware
  • Enable two-step verification

WHAT TO DO AFTER REGAINING ACCESS

Getting your account back is just the first step. Now you need to secure it and assess the damage.

1. Change ALL Your Passwords

Not just the hacked account—every account that used the same or similar password.

Why: Hackers try your password on every major website. If you reused passwords, they have access to multiple accounts.

Priority order:

  1. Email accounts (master keys to everything)
  2. Banking and financial accounts
  3. Social media
  4. Shopping sites with saved payment info
  5. Work accounts
  6. Everything else

Use a password manager to generate unique passwords for each account. Never reuse passwords again.

2. Enable Two-Factor Authentication Everywhere

Two-factor authentication (2FA) prevents this from happening again.

Set up 2FA on:

  • All email accounts
  • Banking apps
  • Social media
  • Password manager
  • Cloud storage
  • Any account you care about

Use an authenticator app (Google Authenticator, Authy) instead of SMS when possible. SMS can be intercepted through SIM swapping.

3. Check Your Devices for Malware

The hack might have started with malware on your device.

On Windows:

  1. Run Windows Defender full scan
  2. Download and run Malwarebytes
  3. Check for unfamiliar programs in Control Panel

On Mac:

  1. Run Malwarebytes for Mac
  2. Check Applications folder for suspicious apps
  3. Review Login Items (System Settings > General > Login Items)

On iPhone:

  • iOS is harder to infect, but check for suspicious apps
  • Review app permissions
  • Consider factory reset if concerned

On Android:

  1. Scan with Google Play Protect
  2. Download and run Malwarebytes Mobile
  3. Check for suspicious apps in Settings > Apps

4. Review Financial Accounts

If your email or banking was compromised, check your finances immediately:

  1. Bank accounts – Look for unauthorized transactions
  2. Credit cards – Check recent charges
  3. Crypto wallets – Verify balances
  4. PayPal/Venmo – Check transaction history
  5. Amazon/shopping accounts – Look for orders you didn’t make

Report fraudulent transactions immediately:

  • Call your bank’s fraud department
  • File a police report if large amounts were stolen
  • Contact your credit card company
  • Freeze your credit if identity theft occurred

5. Review Account Activity and Damage

What did the hacker do?

Check for:

  • Messages sent in your name
  • Posts or status updates
  • Photos posted or deleted
  • Settings changed
  • Apps or services connected
  • Email rules or filters created
  • Contacts added or deleted
  • Files accessed in cloud storage

Delete or undo everything the hacker did, wherever you can.

Notify contacts if the hacker impersonated you:

  • "My account was hacked. Ignore any strange messages."
  • Warn about phishing links they may have received

6. Monitor Your Credit

If personal information was exposed (email with tax documents, ID photos, etc.):

  1. Check your credit report at annualcreditreport.com
  2. Consider a credit freeze (free and reversible)
  3. Set up fraud alerts with credit bureaus
  4. Monitor credit for suspicious activity

Identity theft can surface months later.

HOW ACCOUNTS GET HACKED (And How to Prevent It)

Understanding how you got hacked helps prevent it from happening again:

Method 1: Password Reuse + Data Breaches

A website you used gets hacked. Your email and password leak. Hackers try that password on every major website.

Prevention:

  • Use unique passwords for every account
  • Use a password manager
  • Never reuse passwords

Method 2: Phishing

You clicked a link in an email, text, or message that looked legitimate. You entered your password on a fake login page.

Prevention:

  • Never click links in unexpected emails/texts
  • Always go directly to websites by typing the URL
  • Check URLs carefully before entering passwords
  • Enable two-factor authentication (fake sites can’t bypass it)

Method 3: Weak Passwords

Your password was "Password123" or your pet’s name + birthday. Hackers guessed it or cracked it with automated tools.

Prevention:

  • Use long passwords (16+ characters)
  • Use random characters or passphrases
  • Never use dictionary words, names, or dates

Method 4: Public WiFi Snooping

You logged into accounts on unsecured public WiFi. Someone intercepted your traffic.

Prevention:

  • Always use a VPN on public WiFi
  • Avoid logging into sensitive accounts on public networks
  • Only visit HTTPS websites

Method 5: Malware/Keyloggers

Malware on your device recorded your keystrokes, capturing passwords as you typed them.

Prevention:

  • Keep antivirus software updated
  • Don’t download pirated software
  • Be cautious with email attachments
  • Keep your operating system updated

Method 6: Social Engineering

The hacker called you pretending to be tech support, your bank, or a government agency. They tricked you into giving them information.

Prevention:

  • Never give passwords over the phone
  • Hang up and call official numbers yourself
  • Real companies never ask for passwords
  • Enable two-factor authentication (they can’t bypass it)

Method 7: SIM Swapping

The hacker convinced your phone carrier to transfer your number to their SIM card. They received your 2FA codes.

Prevention:

  • Use authenticator apps instead of SMS for 2FA
  • Set up a PIN with your carrier
  • Use a separate phone number for 2FA if possible
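Why an authenticator app is not exposed to SIM swapping, shown as an added example (not part of the original guide): the app computes each code locally from a stored secret and the clock, following RFC 6238, so nothing travels through the phone carrier. This also illustrates the earlier advice to prefer an authenticator app over SMS. The secret is the public RFC 6238 test key; the function names are chosen for illustration.

```python
import base64
import hashlib
import hmac
import struct

def totp(secret_b32, unix_time, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1): the code depends only on secret and time step."""
    key = base64.b32decode(secret_b32.upper())
    counter = struct.pack(">Q", max(0, int(unix_time)) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    number = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)

def verify(secret_b32, submitted, unix_time, step=30, window=1):
    """Server side: accept the current step plus `window` steps either way (clock drift)."""
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, unix_time + drift * step, step)
        if hmac.compare_digest(expected, submitted):
            return True
    return False

# Constructed secret: the RFC 6238 test key "12345678901234567890" in base32.
# A real secret is shared once, in the enrolment QR code, and then stays on
# the phone and the server; taking over the phone number does not reveal it.
DEMO_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    import time
    now = time.time()
    code = totp(DEMO_SECRET, now)
    print("code shown in the app:", code)
    print("server accepts it now:", verify(DEMO_SECRET, code, now))
    print("accepted 5 minutes later:", verify(DEMO_SECRET, code, now + 300))
```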

PREVENTING FUTURE HACKS: YOUR SECURITY CHECKLIST

Don’t just recover—fortify. Make hacking your accounts nearly impossible:

✓ Use a password manager with unique passwords for every account

✓ Enable 2FA everywhere using authenticator apps

✓ Keep software updated (OS, apps, browsers)

✓ Use antivirus/anti-malware software

✓ Be suspicious of unexpected emails, texts, calls

✓ Never reuse passwords across accounts

✓ Review account security settings quarterly

✓ Monitor your credit annually

✓ Use a VPN on public WiFi

✓ Back up important data regularly

THE BOTTOM LINE

Getting hacked is scary, but it’s recoverable. The key is acting fast:

  1. Change passwords immediately
  2. Enable two-factor authentication
  3. Remove hacker’s access (devices, apps)
  4. Check for financial damage
  5. Secure all accounts using similar passwords
  6. Understand how it happened
  7. Prevent it from happening again

Most importantly: Don’t panic, but don’t delay. Every minute counts when your account is compromised.

The good news? Once you’ve secured your accounts properly with unique passwords and two-factor authentication, the chances of this happening again drop to almost zero.

Learn from this experience. Make yourself a harder target. Hackers move on to easier victims.

And next time you see a "password changed" notification, you’ll catch it in seconds instead of days.