I’ve been hacked and want to get them totally out of my account
What to do in this situation?
I’m not at all tech savvy and there is probably a sub better suited for this but I don’t know it so I’ll post here.
I got hacked. At first, a few days ago, there was a login from the USA on my email (I’m from the UK). I changed my password, added my phone number, thought it was done. Then I was on Spotify and saw a bunch of liked songs I had never listened to. I changed my password, clicked “sign out of all devices”, changed it again and signed out of all devices again. I know I have a terrible habit which I didn’t realise was this bad: I log into a lot of websites with my primary email account with the same, pretty insecure password. I’ve changed the passwords for all the sites someone might access, but not any others.
Then, I noticed some files on my phone, with the attachments .tmb and crypt14. Apparently it’s not malware or anything but it still terrified me. Another thing: Gmail has a feature to look at all devices signed into your account in the last 28 days, and there were no unusual ones, but what about that one from the USA? That one didn’t show up, so I’m wondering how accurate that even is. I have no bank accounts since I’m 14, but I hate the idea that somebody is lurking on my device or using some random website I logged into under my name. Luckily none of my details have been changed and I have added my phone number as an extra layer of security.
So my main questions are:
- Steps moving forwards?
- How to find EVERY SINGLE website your email address is logged into so I can delete the accounts or change the passwords?
- How likely you think it is that the hacker only actually wanted to access my Spotify, as that is the only paid website I use?
Thank you for any help, please answer fast, I’m basically terrified at the prospect of anyone on my devices or doing anything under my name.
Hi there, I’m sharing my experience as I’ve been hacked before.
Steps moving forwards?
- NEVER, ever, in a million years, reuse passwords. I understand it’s easy to just log in with 1 password but it’s also easier for hackers to get into your accounts.
- Try to have different email addresses for each account you have.
I know this can be very annoying but it will be easier to narrow down your things.
My work email last time was connected to lots of important things like PayPal and even government stuff. I lost my original Skype account that had a username instead of a string of letters and numbers they have now.
- Always use 2FA (two-factor authentication). Having your number is a good move; however, keep in mind that SIM cards can be spoofed, so always have a backup like Google Authenticator or Microsoft Authenticator.
- Besides checking haveibeenpwned, you can check your email by typing keywords like “welcome”, “verify your email”, “confirm”, “activate” in the search bar of your Gmail.
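The keyword search suggested in the reply above can also be run over a mailbox export to get one list of services to review. This is an added example, not part of the original reply; it assumes the mail has been exported in mbox format (Google Takeout can produce one), the function names are hypothetical, and the sample messages are constructed.

```python
from collections import defaultdict
from email import message_from_string
from email.header import decode_header, make_header
from email.utils import parseaddr

# Subject keywords taken from the reply above.
KEYWORDS = ("welcome", "verify your email", "confirm", "activate")

def signup_senders(messages):
    """Return {sender domain: sorted subjects} for mails that look like sign-ups."""
    found = defaultdict(set)
    for msg in messages:
        # Subjects are often MIME-encoded (=?UTF-8?...?=); decode before matching.
        subject = str(make_header(decode_header(msg.get("Subject", ""))))
        if not any(k in subject.lower() for k in KEYWORDS):
            continue
        _, addr = parseaddr(msg.get("From", ""))
        domain = addr.rpartition("@")[2].lower()
        if domain:
            found[domain].add(subject)
    return {d: sorted(s) for d, s in sorted(found.items())}

# Constructed sample messages (not real mail).
SAMPLE = [
    'From: "Example Music" <no-reply@accounts.music.example>\n'
    "Subject: =?UTF-8?Q?Welcome_to_Example_Music?=\n\nHi!",
    "From: friend@mail.example\nSubject: lunch on friday?\n\nhey",
    "From: signup@forum.example\nSubject: Please verify your email\n\nlink",
    "From: NoReply@Forum.Example\nSubject: Activate your account\n\nlink",
]

def sample_messages():
    return [message_from_string(raw) for raw in SAMPLE]

def demo():
    return signup_senders(sample_messages())

if __name__ == "__main__":
    import mailbox
    import sys
    # Pass the path of an exported .mbox file, or run with no argument for the sample.
    source = (mailbox.mbox(sys.argv[1], create=False)
              if len(sys.argv) > 1 else sample_messages())
    for domain, subjects in signup_senders(source).items():
        print(f"{domain}: {len(subjects)} mail(s), e.g. {subjects[0]!r}")
```

Broad keywords such as “confirm” also match order or booking confirmations, so the output is a list of candidates to check by hand, and services whose sign-up mail was deleted will not appear.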
Thank you very much, I realise how much of a mistake I have been making, no wonder I got hacked, this is a good life lesson.
Don’t be too hard on yourself, hacking can happen anytime and anywhere (my work equipment was hacked before and we had protocols).
But in the future, at least you are now aware that you’ll need to add 2FA codes from Google Authenticator or Microsoft Authenticator after you put your phone number in or know which email account to use when you sign up for something :)