If you notice unusual activity on one of your accounts or suspect someone else might have gained access, acting quickly is essential.
Even a small delay can increase the risk of losing funds or personal information.
Follow the steps below to secure your accounts and limit any potential damage.
Stay calm, but act immediately
Don’t panic but don’t wait, either.
If you suspect unauthorised access (for example, unexpected logins, password reset emails you didn’t request, or missing funds), take action as soon as possible.
Your goal is to regain control and prevent further access.
Change your passwords right away
Change the password for the affected account(s) immediately.
If you use the same password elsewhere (email, exchanges, wallets, etc.), change it on all accounts or better, create unique passwords for each one.
Use a strong, new password that you haven’t used before.
💡 Use a password manager to create and store secure passwords safely.
If you can’t log in, use the account’s “Forgot password” option to reset it or contact the provider’s support team.
Check and secure your email account
Your email is often the gateway to other services. If it’s compromised, attackers can reset passwords for multiple platforms.
Change your email password immediately.
Review recent logins or active sessions (most email providers show device history).
Enable two-factor authentication (2FA) for extra protection.
Remove any unauthorised recovery addresses or phone numbers from your settings.
Enable or recheck two-factor authentication (2FA)
If 2FA was turned off or changed recently, re-enable it as soon as possible.
Use an authenticator app (like Google Authenticator or Authy) rather than SMS if possible.
Store your backup codes safely offline.
2FA adds a strong extra barrier even if someone has your password.
Review recent activity and connected devices
Most online platforms and exchanges let you see recent logins or active sessions.
Check if there are unfamiliar locations, IP addresses, or devices listed.
Log out of all sessions and devices you don’t recognise.
In crypto-related services, review recent transactions and confirm that all withdrawals are legitimate.
Contact the platform’s support team
If the affected service is financial or crypto-related, contact their support team immediately.
Provide as much information as possible:
The email address linked to your account
A description of what happened
Any suspicious transaction IDs, wallet addresses, or timestamps
Support teams can help temporarily lock your account or prevent withdrawals while investigating.
Scan your devices for malware
Sometimes, unauthorized access happens because of keyloggers, trojans, or phishing links.
Run a full antivirus and anti-malware scan on your computer and phone.
Remove any suspicious apps, browser extensions, or files.
Keep your operating system and browsers updated with the latest security patches.
Strengthen your overall security
After regaining control, take steps to prevent future incidents:
Review and update your passwords regularly.
Use 2FA everywhere possible.
Avoid clicking unknown links or downloading attachments from strangers.
Back up important data offline.
Learn to recognize phishing and fake websites.
Remember: prevention is much easier (and safer) than recovery.
Signs of unauthorised access to watch for
Login alerts from unknown locations or devices
Password reset emails you didn’t request
Unexplained transactions or withdrawals
Missing or changed account details
“Session expired” messages after logging in
Suspicious messages sent from your email or social media
If you notice any of these, act immediately using the steps mentioned earlier.