Hacked account

Nowadays, a large part of our lives takes place in cyberspace: we manage our affairs through personal email accounts, communicate actively through social media, and keep photos and videos with emotional value in the cloud services of various providers (such as Google, Apple, Microsoft, and Dropbox).

These accounts need to be protected as much as possible – instructions for this are available here:

For a cybercriminal, however, access to an important account is an opportunity to make money or to distribute material (malware or phishing links) to the account owner's contacts as they see fit. That is why criminals are constantly trying to find ways to gain access to accounts (also known as ‘hacking’ or ‘compromising’ an account), and sometimes they succeed.

The consequences of having your account hacked depend on the type of the account and how much personal information you have shared there. You may lose a lot of information you need (documents, photos, etc.), or the data stored in your account may be used to steal your identity, make purchases in online shops (if your credit card details are stored under your account), and commit internet crimes pretending to be you. For example, criminals may send messages to your friends and family on your behalf, telling them you have been in an accident or are otherwise in trouble, and asking them to transfer money. It is also very common to distribute malware or phishing links through a hacked account.

Signs that your account has been hacked or compromised:

  • you are having problems logging into your account;
  • the app displays a message or you receive an automatic email stating that:
    • your account has been logged into from somewhere else when you have not done it;
    • your account password has been changed, but you did not do it;
  • your friends let you know that you are sending them weird messages (for example, on Messenger) or links;
  • someone else posts under your account or sends emails and messages on your behalf that are not actually from you (or a family member using your device);
  • on social media, the people you follow suddenly include a lot of people you do not know;
  • you can see that your account has been logged into from an unusual location;
  • you get a lot of ads that look like spam.

Once you have identified that your account has been hacked, it is a good idea to act as quickly as possible: this way, you will have a better chance of recovering your account, and you may also be able to limit malicious activity from your account.

What should I do if my email or social media account has been hacked?

Exact instructions depend on whether you can access your account or the attacker has already managed to change the account password. Here are instructions for both instances.

If you can still access your account:

  1. A criminal may have obtained your password, so change it:

    • create a strong password that is at least 12 characters long and contains upper- and lowercase letters, numbers, and symbols;
    • use different unique passwords for each account;
    • read more: Strong passwords and two-factor authentication.
  2. Log out of all the devices where you are logged in by using the security settings page of your account in the app:

    • this is necessary for terminating the attacker’s session on your account;
    • after this, you can log into the app only from your legitimate devices with your new password;
    • if necessary, look for detailed instructions by using a search engine or on the Help page of the app.
  3. Increase the security of your account. Enable two-factor authentication and find privacy settings that provide options for protecting your account.

  4. Change the passwords for all accounts in all apps linked to your social media account. If you have used the same or similar username and password on other apps or accounts, change the passwords for those environments as well (Please note! Create a unique password for each account) and set up two-factor authentication.


If you can no longer access your account:

  • If your account is irretrievably locked, use the access recovery instructions and procedure of your service provider:

    • for example, for Facebook, you can find instructions in English in the Help Centre;
    • all other major service providers also have instructions and a procedure for restoring access to your account. These instructions are usually in English and can be found on their Help pages.
  • If there is a credit card linked to your account, notify the bank, close the card, and order a new one.

  • If your account is linked to a page of an institution or an organisation, ask another page administrator to remove the account from the list of administrators. General instructions can be found in the Meta Help Centre.

  • Notify cert@cert.ee of the incident. If necessary, the experts of the Information System Authority can advise on how to proceed. The information you provide can also help catch criminals and prevent future incidents.

  • In addition, let your friends and family know that your account has been hijacked and that you may not be the author of the messages and posts sent from it. It is possible that they may receive messages from you or see posts from your account that contain malicious links or misleading information.