Does your computer, Facebook profile, or email account feel a little off lately? Are things not exactly as you left them, with Messenger replies from unknown people, sketchy emails, and maybe even weird purchases on your Amazon account or PayPal? These are all telltale signs that you’ve been hacked. It’s a scary thing knowing someone has breached your own personal digital privacy, and it can be confusing and just plain creepy, too. Here’s how to tell if you’ve been hacked and the very next steps you should take.

If you notice any of these things, you should automatically assume the worst:

Sent emails that you know you didn’t send – Hackers who discover your email password can use your digital identity to try to trick your loved ones, coworkers, and others into divulging information that will put you and your loved ones at risk. If you notice an email in your outbox that you absolutely know you didn’t send, there’s a good chance someone found their way in.

Next step: Immediately change your email password as well as the password of any account that used the same login information, no matter how obscure you think it is. If they have a username and password for one site, hackers will try that same information everywhere else. Don’t click on any email links, but if the hacker was communicating with people you know, be sure to alert them that it wasn’t you who sent the messages.

Facebook or Twitter posts that you didn’t make – If a hacker is simply trying to cause grief they might try to break into your social media accounts. When this happens, they can post whatever they want, causing unwanted drama in your life and potentially even ruining relationships with friends or coworkers. They might also try to use your account to get information on other people in the hopes of hacking them as well.

Next step: Change your social media passwords without hesitation. Delete all messages or notes that you didn’t write yourself and post an explanation so that all of your contacts know what is really going on. Change your email password as well, just to be thorough, as well as any other accounts that used the same login details.

Password changes that you didn’t do – One of the first things a hacker will do once they breach one of your online accounts (be it Facebook, your email, Amazon, or anything else) is to try to change the password so that you can’t get back in. If you see emails or app notifications telling you that a password was changed but you know you didn’t do it, assume that someone with bad intentions did.

Next step: Try to log into the accounts in question and change the passwords to something completely new. If you can’t log in, go through the steps to reset your password, which usually includes clicking on confirmation link in your email to prove you are who you say you are. While you’re at it, change your email password as well.

Money transfers or purchases that you don’t recognize – It’s no surprise that Paypal, Amazon, and personal bank accounts are a big target for hackers, and if you see a transaction that you didn’t do yourself you should be on high alert.

Next step: Contact your bank, Paypal, or Amazon and confirm when the transaction was done and the companies, stores, or financial institutions that were involved. If you still believe the purchases were phony, file a fraud report with your bank or Paypal, which will require you to fill out a form and sign it. On Amazon, file a fraud report and contact Amazon customer service to attempt to stop the shipment of the products that were ordered. In the majority of cases, these steps will prevent you from absorbing too much financial burden, if any at all.

Also – you can visit this website to find out: https://haveibeenpwned.com/PwnedWebsites. Just type in an email and see when/how/where you might have been impacted by breaches, as well as what to do about it.

Can I prevent it?

One of the easiest ways to prevent a hacker from using a brute force password attack or leaked login info from another site to break into your account is by enabling a security feature called two-factor authentication. Every major online destination has a two-factor authentication option, including all the social networks, the vast majority of banks, email providers, online stores, Paypal, Amazon, eBay, and more.

How does it work? 

Two-factor authentication is like an extra layer of security between the world and your account. Instead of typing in a username and password and getting access, you’ll be prompted to enter a code from a secondary source, usually a text message sent from the site itself. After providing the correct username and password, anyone attempting to hack your account would also need access to your phone in order to receive the text message and input the correct code, which means they’ll be stopped in their tracks. It’s the easiest, safest way to give yourself a bit of added peace of mind.