If you think someone might have gained access to one of your online accounts, the earlier you take action, the better. Every minute you don’t is an extra minute the hacker has to do more damage and potentially unlock other connected accounts.
Unwelcome visitors usually leave tracks behind, so if you’re vigilant, you can spot any unauthorized login early on and do something about it promptly.
Make sure there’s at least one reputable tech outlet (like this one!) in your feeds, whether you get your news through Twitter, RSS, or some other platform. You can even set up a Google Alert for stories related to hacks on your most important accounts, which will deliver related news articles right to your inbox.
If you hear about a hack or attack that could involve one of your accounts, you can check the Have I Been Pwned? website (“pwned” being a play on “owned,” or hacked). It pulls together a huge collection of records from reported data breaches and leaked credentials that have been dumped on the web, with some 11 billion compromised accounts listed at the time of writing.
Just type in your email address and the site will tell you whether your information has been linked to any hacked databases. A match doesn’t necessarily mean your data has been exposed, but it does indicate that some of your login details have leaked out on the web. You can also sign up to get alerts if your email address is compromised in the future.
Speaking of emails, apps and sites often warn users of data breaches through direct emails. It’s worth checking that your contact details are correctly set up on the platforms you use every day, and that emails from the likes of Facebook and Twitter aren’t going directly to your spam folder.
Keeping an eye on your inbox will allow you to act promptly, but any messages about hacks that you get from the apps and sites you use should also include information about what to do next. You might even find your password has been reset for you already.
You can do this in Gmail: Scroll all the way down to the bottom of your inbox on the web, then click the small Details button on the right. A new tab or pop-up box (depending on your operating system) will show you the latest 10 instances of activity on your Gmail account, together with the app used and the geographic location of the login.
Facebook has a similar feature. Head to the passwords and security page in the site’s settings on the web, then click See more under the list that shows where you’re logged in. Facebook gives you the time and date of the login, the device used, and where in the world it came from.
You can also do this on Twitter. Open up the settings and privacy page on the web, click on Security and account access, followed by Apps and sessions and Sessions to see exactly which devices are logged into your account and where they are. The main Apps and sessions screen lists connected third-party apps, account access history, and other logged-in devices and apps.
Source : https://www.popsci.com/what-to-do-when-hacked/