jason.guide
Privacy Last updated: December 2025 📖 8 min read

What to Do If You Have Been Hacked or Doxxed

Immediate actions if you've been hacked, doxxed, SIM swapped, or scammed. Act quickly.

⬅️ New to privacy? Start with Privacy Fundamentals to learn the basics first.

🚨 Emergency Guide

I've Been Compromised (Hacked, Doxxed, etc.) - Act quickly.

⚡ Emergency Triage: Act Now

Identify your emergency type below for immediate, step-by-step actions:

🔓

Account Compromised

Password stolen, unauthorized logins

URGENT
1
Change password from clean device

Use a different computer/phone you trust

⏱ 2 min
2
Secure critical accounts (email, device, financial)

Prioritize email (e.g., Gmail, Apple ID), device accounts (Google, Microsoft), and financial platforms.

⏱ 10-15 min
3
Enable 2FA immediately

Use authenticator app, not SMS

⏱ 3 min
4
Check account settings

Look for forwarding rules, linked devices, changed recovery emails

⏱ 5 min
💻

Device Has Malware

Pop-ups, ransomware, strange behavior

URGENT
1
Disconnect from internet NOW

Turn off WiFi and unplug ethernet cable

⏱ 30 sec
2
Use different device to change passwords

Email, banking, any critical accounts

⏱ 10 min
3
Do NOT reconnect until cleaned

See malware removal guide below

🎭

Been Doxxed

Personal info published online

HIGH
1
Take screenshots for evidence

Document everything before it's deleted

⏱ 5 min
2
Report to platform

Use reporting tools where info was posted

⏱ 5 min
3
File police report if threats involved

Do NOT engage with attacker

Specific Threats & Response

📱

SIM Swapping Attack

Attacker hijacks your phone number to receive calls/texts/2FA codes

CRITICAL THREAT
⚠️ Warning Signs
  • Phone suddenly loses service (no signal, can't make calls)
  • Notifications about SIM change you didn't request
  • Locked out of accounts or password reset emails you didn't request
  • Unauthorized transactions on bank/crypto accounts
📞 Call Your Carrier NOW
Verizon 1-888-483-7200 Ask for fraud dept AT&T 1-800-331-0500 Say "fraud" T-Mobile 1-800-937-8997 Account takeover team
Mint Mobile mintmobile.com/chat No phone support

Say this: "My phone number has been hijacked via SIM swap fraud. I need to speak to your fraud prevention team immediately."

⏱ Next 30 Minutes (Do In Order)
1
Call carrier fraud department

Say "SIM swap fraud" - demand they lock account and reverse port. Get case number.

5 min
2
Get your number back

Request immediate SIM swap back. Have PIN, account number, and ID ready. Don't accept delays.

5-10 min
3
Set new carrier PIN

Make it 6+ digits. NOT your birthday or SSN. Write it down physically.

2 min
4
Change passwords from computer

Email, banking, crypto. Use authenticator apps, NOT SMS codes.

10-15 min
5
Freeze credit at all 3 bureaus
Equifax TransUnion Experian
5 min each
🛡 Prevention (Do This Week)
  • Add carrier PIN: 6+ digits, required for ANY account changes
  • Remove SMS 2FA: Switch to authenticator apps (1Password, 2FAS, Authy)
  • Use Google Voice for 2FA: Can't be SIM swapped
  • Enable port-out protection: T-Mobile/AT&T offer "Number Lock"
☎️

Vishing / Call Spoofing

Scammer calls pretending to be bank, IRS, or tech support

HIGH THREAT
🚩 Instant Red Flags - Hang Up NOW
  • Asks for password, PIN, or 2FA code
  • Creates extreme urgency ("Account closes in 10 minutes")
  • Asks you to buy gift cards or move money to "safe account"
  • Wants you to install remote access software (TeamViewer, AnyDesk)
  • Threatens arrest or legal action unless you act NOW
💬 Common Scam Scripts
"Your account has suspicious activity"
Creates urgency, asks you to "verify" details
"We're from [Your Bank] fraud department"
Spoofed caller ID shows your bank's real number
"Your computer has a virus"
Asks you to install remote access software
"You owe back taxes to the IRS"
Threatens arrest, demands gift cards/wire transfer
📞 While You're On the Call
Hang up immediately

Don't argue or explain. Just end the call.

📝
Write down details

Number, time, what they claimed, what they asked for

☎️
Call back using official number

From card, official website, or bank app - NOT the number they gave you

⚠️ If You Already Gave Information
If you gave: Password/PIN
Change it immediately + enable 2FA
If you gave: SSN/account numbers
Freeze credit at all 3 bureaus NOW
If you: Installed remote software
Disconnect from internet + full malware scan
If you: Sent money/gift cards
Call bank fraud dept immediately (number on card)
🛡 Memorize These Rules
  • Never trust caller ID - Spoofing is trivial
  • Banks NEVER ask for passwords - They already have it
  • Always hang up and call back - Only way to verify legitimacy
  • Gift cards = scam - No legit organization accepts them
  • Never install software from cold calls - Zero exceptions
  • IRS sends letters first - Never calls threatening arrest
Report This Scam to FTC →

Next 24 Hours

  • Security Sweep: Run an antivirus/anti-malware scan on all devices
  • Check for Breaches: Check your email at haveibeenpwned.com
  • Monitor Finances: Review bank and credit card statements. Consider a credit freeze.
  • Alert Contacts: Warn friends and family, as they may be targeted next

Long-Term Recovery

Figure out how the breach happened (phishing, malware, password reuse?) and address the root cause. For identity theft, file a report with the FTC (identitytheft.gov in the US).

📚 Related Privacy Guides

← Privacy Fundamentals - Master the basics: password managers, 2FA, and browser privacy

Advanced Privacy Strategies → - Encrypted email, phone privacy, and data removal

Related Guides

Privacy

How to Secure Your Digital Life

Master the essentials: password managers, 2FA, browser privacy, and your one-time security setup.

📖 10 min read
Read Guide →
Privacy

How to Disappear: The Advanced Privacy Guide

For those who've mastered the basics: encrypted email, phone privacy, data removal, and advanced tactics.

📖 12 min read
Read Guide →