What To Do If You Are Compromised By A Scam/Scammer

A Comprehensive Guide to Protecting Your Digital Life

Online security is becoming increasingly critical as more of our daily lives move onto the internet. Whether through hacking, phishing, tech support scams, or other malicious activities, account compromises can happen to anyone. This comprehensive guide provides detailed steps to help you respond effectively, recover your accounts, and protect yourself from future incidents.

IMPORTANT:

If you are in immediate danger or feel threatened,

Call 911 immediately.

WHAT TO DO NOW: Action Checklist

Follow these steps immediately if you suspect your account or device has been compromised. Complete details for each step are provided in the following sections.

Immediate Actions (D.C.C.R.)

1. DISCONNECT
   If your device itself has been compromised (such as remote access), unplug ethernet or turn off Wi-Fi immediately
   
   
2. CHECK & SECURE ACCOUNTS
   Log into your Online Payment Accounts such as; PayPal, Venmo as well as accounts for your bank(s), and credit cards, email accounts and social media accounts. The goal is to remove access to compromised accounts, or accounts that could eventually/possibly attacked.
   
   
3. CALL FOR HELP (If Applicable)
   • 911 if you're in legitimate danger (threats of physical harm, etc)
   • 311 for local victim support resources if/as needed
     
     
4. REPORT (If Applicable)
   - File reports with IC3/FBI and Identity Theft Resource Center if it applies to your situation.
   *Each site has an explanation of what can be/can't be reported.
   - File a police report as well if there was any financial impact, if any financial institutions were compromised and accessed without your knowledge or permission, you find any un-approved purchases in ANY of your accounts (banking, credit cards, online payment methods), or you know or believe any identity theft has occurred.

If You Gave Remote Access to a Scammer:

1. Disconnect from internet immediately
2. Uninstall remote access software (Control Panel > Programs > uninstall programs like TeamViewer, AnyDesk, LogMeIn, QuickSupport, Remote Desktop, etc.)
3. Run a security scan/check with Malwarebytes, ADW Cleaner and MRT

Secure Your Accounts:

1. Change Account Passwords in This Order:
   • Email accounts (highest priority)
   • Financial accounts (banks, credit cards, PayPal, Venmo)
   • Shopping sites (Amazon, eBay)
   • Social media and other accounts
     
     
2. Use strong, unique passwords (12+ characters, mix of letters/numbers/symbols)
   
   
3. Enable Two-Factor Authentication (2FA):
   • Best: Security keys (YubiKey) - buy 2 for backup
   • Good: Authenticator apps (Google Authenticator, Microsoft Authenticator, Authy)
   • Avoid: SMS/email 2FA (vulnerable to attacks)
     
     
4. Log out of all devices in each account!

Check Your Devices

1. Review installed apps - remove anything unfamiliar
2. Check app permissions - revoke unnecessary access
3. Update all software and operating systems
4. Run full security scans (Malwarebytes recommended)
5. If severely compromised: Backup data and factory reset device

Monitor and Follow Up

1. Check account activity for unauthorized logins or transactions
2. Review credit reports for suspicious activity
3. Consider fraud alert or credit freeze with credit bureaus
4. Watch for phishing emails attempting further compromise

---

The sections below provide detailed explanations and platform-specific recovery instructions for each of the previously mentioned steps to take.

Section 1: Signs Your Account or Device May Be Compromised

Acting quickly when you suspect a compromise can significantly reduce potential damage. Here are key warning signs to watch for:

Device Behavior Changes

• Unexpected battery drain or rapid discharge
• Unusual spikes in data usage
• Device overheating without heavy use
• Unexpected pop-ups or unfamiliar applications appearing
• Slower than normal performance

Account Warning Signs

• Unable to log into accounts with correct credentials
• Notifications of login attempts you didn't make
• Emails or messages you didn't send
• Friends reporting suspicious messages from your accounts
• Unauthorized purchases or transactions
• Password reset emails you didn't request

Checking Your Accounts for Unauthorized Access

Review your account activity regularly to detect unauthorized access:

Gmail/Google Account:

• Go to the bottom of your Gmail inbox and click "Details" to see recent activity

Facebook:

• Navigate to Settings > Security and Login > Where You're Logged In

Other Services:

• Look for similar "Recent Activity" or "Active Sessions" settings in your account security options

Section 2: Immediate Response Steps

If you suspect or confirm that your accounts or devices have been compromised, take these immediate actions to minimize damage and begin recovery.

Step 1: Disconnect and Contain

If you believe your device has been compromised:

• Disconnect from the internet immediately (unplug ethernet or turn off Wi-Fi)
• This prevents further remote access while you assess the situation

Step 2: Report the Incident

Reporting helps you recover control and aids in preventing further damage.

Emergency Services:

• 911: Call immediately if you are in any danger or feel threatened
• 311 (Local Non-Emergency): For identity theft assistance programs, victim support services, and guidance on filing reports
  • Note: 311 cannot investigate cyberstalking/hacking or provide technical support, but can connect you with appropriate resources

Federal Resources:

• FBI Internet Crime Complaint Center (IC3):
  • File a report for significant financial loss or cybercrime at https://www.ic3.gov
• Identity Theft Resource Center:
  • Free support for identity theft victims at https://www.idtheftcenter.org

Service Providers:

• Contact customer support for any compromised services immediately
• Most platforms (Google, Facebook, financial services) have dedicated processes for recovering hacked accounts
• See Section 6 for platform-specific contact information and recovery procedures

Step 3: Secure Payment Services Immediately

If you're locked out of an account linked to payment services, protect your finances immediately:

• Log into payment services separately (PayPal, Venmo, banking apps, credit cards)
• Remove access to the compromised account or website
• Review recent activity for unauthorized transactions
• Report any fraudulent activity to your payment service provider immediately
• Consider placing fraud alerts with your bank and credit card companies

Section 3: Tech Support Scams

Tech support scams are a particularly insidious type of fraud where scammers pose as legitimate technical support to gain access to your computer and personal information. If you've been targeted by or fallen victim to a tech support scam, follow these specific steps.

How Tech Support Scams Work

Initial Contact Methods:

• Cold Calls: Scammers call claiming to be from Microsoft, Apple, or antivirus companies, saying they've detected problems on your computer
• Pop-Up Warnings: Alarming messages appear while browsing, claiming your computer is infected and providing a number to call
• Phishing Emails: Messages appearing to be from legitimate companies warning about security threats

Scammer Tactics:

• Use technical jargon and alarming language to create urgency
• Ask victims to open files or run commands that produce fake error messages
• Persuade victims to install remote access software (TeamViewer, AnyDesk, LogMeIn)
• Pretend to run diagnostics or show fake errors
• Demand payment via credit card, wire transfer, or gift cards
• May install malware or leave backdoors for future access

Immediate Steps If You've Been Scammed

1. Disconnect from the Internet

• Unplug your ethernet cable or turn off Wi-Fi immediately
• This prevents further remote access

2. Identify and Remove Remote Access Software

Check Installed Programs:

• Go to Control Panel > Programs > Programs and Features
• Look for remote access software (TeamViewer, AnyDesk, LogMeIn, RealVNC)
• Uninstall any suspicious or unfamiliar programs

Check Task Manager Startup:

• Press Ctrl + Shift + Esc to open Task Manager
• Go to the Startup tab
• Disable any suspicious entries that start with Windows

3. Scan for Malware and Adware

• Malwarebytes Anti-Malware:
  • Download and install Malwarebytes
  • Run a full scan and remove any detected threats
• ADW Cleaner:
  • Download and run ADW Cleaner
  • Follow prompts to clean adware, toolbars, and potentially unwanted programs

4. Check Network and System Settings

• Network Settings:
  • Go to Control Panel > Network and Sharing Center > Change adapter settings
  • Right-click network connection, select Properties
  • Check for unfamiliar protocols or services
• Services:
  • Press Win + R, type "services.msc" and press Enter
  • Look for unfamiliar services running or set to start automatically
  • Right-click and stop suspicious services

Protecting Yourself from Tech Support Scams

• Legitimate companies rarely contact customers unsolicited about computer issues
• Verify claims independently through official company channels
• Never give remote access to someone you don't know or trust
• Use reputable security software and keep it updated
• Educate family members, especially those less tech-savvy

Section 4: Securing Your Accounts and Devices

After addressing the immediate threat, take these comprehensive steps to secure all your accounts and devices.

Change All Passwords

Update passwords across all online accounts, prioritizing the most critical:

Priority Order:

1. Email Accounts: Your email is the gateway to all other accounts - make this your first priority
2. Financial Accounts: Banking, credit cards, PayPal, Venmo, CashApp, Zelle, investment accounts
3. Shopping Platforms: Amazon, eBay, and any sites storing payment information
4. Social Media: Facebook, Instagram, Twitter/X, LinkedIn
5. Other Accounts: Work accounts, cloud storage, and any other online services

Password Best Practices:

• Use strong, unique passwords for each account
• Passwords should be at least 12 characters long
• Include uppercase, lowercase, numbers, and special characters
• Never reuse passwords across different accounts
• Consider using a password manager to generate and store complex passwords securely

Enable Two-Factor Authentication (2FA)

2FA adds a crucial extra layer of security to your accounts. However, not all 2FA methods are equally secure.

Recommended 2FA Methods (Most to Least Secure):

1. Security Keys (Most Secure):

   • Physical hardware keys (like YubiKey) provide the highest level of protection
   • Buy TWO security keys for redundancy in case one is lost
   • Register both keys on all accounts that support them
   • Supported by Google, Dropbox, Microsoft, major social media, and financial services

2. Authenticator Apps (Recommended):

   • Use apps like Google Authenticator, Microsoft Authenticator, or Authy
   • Much more secure than SMS-based 2FA
   • Save backup codes when setting up authenticator apps

3. SMS/Email 2FA (Avoid If Possible):

   • DO NOT rely on SMS or email for 2FA
   • Vulnerable to SIM-swapping attacks and email compromises
   • Only use as a last resort if no other options are available

Logout from All Devices

• Force logout on all devices for each compromised account
• This forces unauthorized users to log back in, triggering 2FA if enabled
• Look for "Log out of all devices" or similar options in account settings

Review Connected Devices and Applications

• Check devices connected to your network and online accounts
• Remove any devices you don't recognize
• Revoke access to suspicious third-party apps

Review and Update Security Questions

• Update security questions and answers
• Avoid answers that are easily guessable or derived from public information
• Consider using nonsensical but memorable answers

Device-Specific Security

Review Installed Applications:

• Android: Settings > Apps
• iOS: Settings > General > iPhone Storage
• Remove any apps you don't recognize or didn't install

Check App Permissions:

• Android: Settings > Apps > [App Name] > Permissions
• iOS: Settings > Privacy > [Permission Type]
• Revoke unnecessary permissions from apps

Update Software:

• Ensure your operating system and all apps are up to date
• Updates often include critical security patches
• Android: Settings > Software Update
• iOS: Settings > General > Software Update
• Windows: Settings > Update & Security > Windows Update

Run Security Scans:

• Install and run Malwarebytes Anti-Malware
• Available for Android, iOS, Windows, and Mac
• Run full scans to detect malicious software

Consider a Factory Reset:

If you suspect deep compromise, a factory reset ensures no malicious software remains:

• Backup important data before resetting
• Android: Settings > System > Reset > Factory data reset
• iOS: Settings > General > Reset > Erase All Content and Settings
• After resetting, only reinstall apps from official app stores

Section 5: Account Recovery and Credit Monitoring

Recovering a Locked-Out Account

If you are completely locked out of an account:

• Use Account Recovery Options:

  • Most services offer email or phone verification
  • If these are compromised, prioritize trusted devices or backup codes
  • Many services provide backup codes when setting up 2FA - use these if available

• Contact Customer Support:

  • If recovery options fail, reach out to the service provider directly
  • Be prepared to verify your identity with personal information or past account details
  • See Section 6 for platform-specific contact information

• Keep Documentation:

  • Share police reports or IC3 filings with service providers
  • This documentation may help speed up the recovery process

Monitor Credit and Identity

If personal or financial information was compromised, take these additional steps:

• Use Identity Monitoring Services:

  • Guardio (Recommended): Comprehensive monitoring for personal information, password leaks, and email/web filtering (paid service)
  • Free Credit Monitoring: Experian, Equifax, Credit Karma, FTC

• Monitor Credit Reports:

  • Check your credit report regularly for unusual activity
  • You're entitled to one free credit report annually from each bureau
  • Consider placing a fraud alert or credit freeze

• Watch for Phishing Attempts:

  • Be especially cautious of follow-up phishing emails or texts
  • Hackers may try to gain further information by impersonating legitimate companies

Section 6: Platform-Specific Help and Resources

Each major platform has specific recovery procedures and contact methods. Below is detailed information for recovering compromised accounts on popular services.

Facebook

Recovery Resources:

• Account Recovery Page: facebook.com/hacked
• Help Center: Search for "hacked accounts" for specific guides
• Identity Verification: May require government-issued ID upload
• Meta Verified: Consider signing up for faster support and resolution

Contact Emails:

• support@fb.com | support@facebook.com
• support@meta.com | support@metamail.com
• appeals@fb.com | appeals@facebook.com
• appeals@meta.com | appeals@metamail.com

Instagram

• Account Recovery Tool: Available in the app when login fails
• "My account was hacked" Form: For accounts that can't be recovered normally
• Identity Verification: May require selfie with unique code or other identity documents

Twitter (Now X)

• Help with Hacked Accounts: help.twitter.com
• Select "I can't log in to my account" and follow instructions
• Submit a ticket to Twitter Support if password resets don't work

eBay

• eBay Help Page: Instructions for securing and restoring access
• Customer Support: Available through live chat or callback
• Resolution Center: Report unauthorized transactions and open cases

Amazon

• Amazon Help: Select "Account & Login Issues"
• Customer Service: Contact via phone or chat
• Identity Verification: May verify through email or phone for unauthorized changes

Venmo

• Help Center: Search for "Account Hacked" for security steps
• Contact Form: Submit requests through Venmo's contact form
• Support Email: support@venmo.com
• Phone Support: 1-855-812-4430 (Mon-Fri 8AM-8PM CT, Sat-Sun 10AM-6PM CT)
• Freeze Account: Settings > Account > Security > Disable Account

PayPal

• Resolution Center: Report unauthorized transactions and open disputes
• Account Recovery: paypal.com/authflow
• Message Center: Contact through PayPal's Message Center
• Phone Support: 1-888-221-1161
• Social Media: @AskPayPal on Twitter or Facebook for direct message assistance
• Monitor linked bank accounts and credit cards for unauthorized transactions

Square/Squarespace

• Support Center: Search for "Account Hacked" for instructions
• Sign-In Troubleshooter: Reset password or contact support
• Phone Support: 1-855-700-6000 (Mon-Fri 6AM-6PM PT)
• Requires customer code from Square Dashboard
• Dispute fraudulent charges through Square's support channels

Microsoft (Outlook / Microsoft Account)

• Account Recovery: account.live.com/acsr
• Hacked Account Form: Guided recovery steps
• Identity Verification: May require detailed recovery form with prior passwords and account details

Google (Gmail / Google Account)

• Account Recovery: g.co/recover
• Compromised Account Help: Specific recovery steps after security breach
• Identity Verification: Security questions, recent login details, or backup email/phone
• May request identity documents if automated recovery fails

Yahoo (Yahoo Mail / Yahoo Account)

• Sign-in Helper: login.yahoo.com
• Account Security Page: Instructions for compromised accounts
• May require recent login IPs, folder names, and recovery contacts

General Tips for All Platforms

• Freeze or temporarily disable accounts to prevent further unauthorized activity
• Enable 2FA immediately upon regaining access
• Monitor transaction history frequently for suspicious activity
• Review and remove suspicious linked payment methods
• Check email for security alert notifications
• Some companies respond to queries via official social media (e.g., @Facebook, @TwitterSupport)
• Be cautious about sharing personal details in public channels

Section 7: Protecting Yourself Going Forward

The best defense against account compromise is prevention. Implementing these practices will significantly reduce your risk of becoming a victim.

Essential Security Tools

Use a Password Manager

• Password managers generate and store strong, unique passwords for every account
• Eliminates password reuse - the #1 cause of account breaches
• Creates passwords too complex for humans to remember but impossible for attackers to guess
• Recommended options: 1Password, LastPass, Bitwarden, Dashlane
• Protects you even if one account is compromised - others remain secure

Implement Hardware Security Keys

• Hardware keys (like YubiKey) provide the strongest available protection
• Impossible to phish - attackers cannot intercept or replicate
• Buy two keys: one primary, one backup
• Register both on all critical accounts (email, financial, work)
• Supported by Google, Microsoft, Facebook, financial institutions, and more

Install Quality Security Software

• Use reputable antivirus and anti-malware software on all devices
• Recommended: Malwarebytes for comprehensive protection
• Keep security software updated and run regular scans
• Enable real-time protection features

Develop Security Habits

Recognize and Avoid Phishing

Be skeptical of unsolicited communications:

• Unexpected emails, texts, or calls claiming urgent problems
• Requests for personal information, passwords, or payment
• Messages creating artificial urgency or fear

Verify independently:

• Never click links in suspicious emails
• Look up the company's official phone number and call directly
• Type website addresses manually instead of clicking email links

Check sender carefully:

• Examine email addresses closely for misspellings (paypa1.com vs paypal.com)
• Be wary of generic greetings ("Dear Customer" instead of your name)
• Look for poor grammar or spelling in official-looking messages

Practice Safe Browsing

• Only download software from official sources (company websites, official app stores)
• Look for HTTPS and the padlock icon before entering sensitive information
• Don't ignore browser security warnings
• Use privacy-focused browsers or enable tracking protection
• Keep browser and extensions updated

Secure Your Devices

• Enable automatic updates for operating systems and applications
• Use screen locks with strong PINs or biometrics on all devices
• Enable "Find My Device" features for recovery if stolen
• Encrypt your hard drives and mobile devices
• Be cautious with public Wi-Fi - use VPN for sensitive activities

Regular Maintenance and Monitoring

Conduct Security Audits

Every 3-6 months, review:

• Account activity for suspicious logins or transactions
• Connected devices and third-party app permissions
• Security and privacy settings on all accounts
• Old accounts you no longer use (delete or secure them)

Additional steps:

• Update passwords for critical accounts every 6-12 months
• Remove unused apps and revoke unnecessary permissions
• Check for data breaches using services like Have I Been Pwned

Enable Security Notifications

• Turn on login alerts for all critical accounts
• Enable notifications for:
  • Unrecognized device logins
  • Password changes
  • Security setting modifications
  • Large transactions or purchases
• Act immediately on any unauthorized activity alerts

Verify Important Accounts

• Consider paying for verification on critical social media and business accounts
• Verified accounts typically receive faster, better customer support
• Many platforms now require verification for direct human support
• Especially important for business accounts or accounts critical to your work

Protect Your Personal Information:

Limit what you share online:

• Avoid posting birthdays, addresses, phone numbers publicly
• Don't share travel plans in real-time (wait until you return)
• Review privacy settings on social media regularly
• Be careful with security question answers - don't share this information publicly

Use separate emails:

• Create separate email addresses for different purposes (personal, financial, shopping, etc.)
• Limits damage if one email is compromised
• Makes it harder for attackers to connect your accounts

Secure your email:

• Your email is the master key to all your accounts
• Use the strongest password and 2FA method available
• Never share or reuse your email password
• Regularly review forwarding rules and connected apps

Educate Your Circle

• Share security knowledge with family members, especially:
  • Elderly relatives who may be targeted by scammers
  • Teenagers and young adults starting to manage their own accounts
  • Anyone less tech-savvy in your household
• Help others set up 2FA and password managers
• Create a family security plan:
  • Establish who to call if someone suspects compromise
  • Agree never to share passwords or give remote access
  • Set up emergency contacts for account recovery
• Stay informed about current scam tactics and share warnings

Know When to Get Professional Help

Consider professional cybersecurity assessment if:

• You run a business with customer data
• You handle sensitive financial or legal information
• You've been targeted multiple times
• You're not confident in your current security setup

Pacific Northwest Computers offers:

• Security audits and vulnerability assessments
• Penetration testing to identify weaknesses
• Comprehensive security setup and training
• Ongoing monitoring and support

Remember: Security is not a one-time task, but an ongoing practice. Small, consistent efforts in prevention are far easier than dealing with the aftermath of a compromise.

Conclusion

Account compromises and cyberattacks are increasingly common, but you now have a comprehensive roadmap for responding to incidents and preventing future ones. This guide has taken you through:

• Immediate emergency response when compromise is suspected!
  D.C.C.R. = Disconnect, Check & Secure Accounts, Call for Help, Report
• Recognition and detection of warning signs
• Special handling for tech support scams
• Comprehensive security measures for accounts and devices
• Recovery procedures and credit monitoring
• Platform-specific resources for major services
• Prevention strategies to protect yourself going forward

While recovering from a compromise requires immediate action and diligence, the real key to digital security is prevention. The habits and tools outlined in Section 7 - from using password managers and hardware security keys to recognizing phishing attempts and conducting regular security audits - will dramatically reduce your risk of becoming a victim.

Remember that cybersecurity is not a destination but a journey. Technology and threats evolve constantly, which means your security practices should too. Stay informed, stay vigilant, and don't hesitate to seek professional help when needed.

Created & Maintained by Pacific Northwest Computers

Pacific NW Computers

www.linktr.ee/pnwcomputers

www.pacificnwcomputers.com

📞 Pacific Northwest Computers offers Remote & Onsite Support Across: 

SW Washington including Vancouver WA, Battle Ground WA, Camas WA, Washougal WA, Longview WA, Kelso WA, and Portland OR