If you suspect your login credentials have been compromised you should take immediate action to identify and change the compromised accounts.
Below are some tips regarding what to do when your credentials may have been stolen:
- Try to determine all of the computers or mobile devices used with those credentials. Any or all of them may have malicious software installed; the malicious software may capture everything you typed and the content appearing on your screen.
- For the devices you used, try to determine what other websites you accessed by entering the same user name and password. Those credentials may also be compromised.
- Immediately examine the accounts or sites where you used those credentials for unusual activity, even if they have not been reported as stolen.
- If you used the same user name and/or password on any other websites, change them immediately, you should assume they are compromised.
- If you answered security questions during any online session on a computer that may be compromised; you should assume the answers to those security questions are compromised and may be used to compromise other accounts.
- You should assume all of your user names and passwords have been compromised, and you should change every user name and password you use. It is also recommended that you consider changing your security questions at the same time.
- Consider putting a fraud alert on your credit reports to reduce the risk of additional lines of credit being fraudulently opened in your name.
- If any of your accounts have fraudulent activity you should create an Identity Theft Report, which involves reporting the identity theft to the FTC and filing a police report.
- Consult with a computer professional on how best to check and repair your computer(s).