How to tell if your online accounts have been hacked

Must read

More and more hackers are targeting regular people with the goal of stealing their crypto, perhaps getting into their bank accounts, or simply stalking them. These types of attacks are still relatively rare, so there’s no need for alarm. But it’s important to know what you can do to protect yourself if you suspect someone got into your email or social media account.

A few years ago, I wrote a guide to help people protect themselves, and understand that most of the companies you have an account with already offer you tools to take control of your accounts’ security, even before you contact them for help, which in some cases you still should do. 

Here we break down what you can do on several different online services. 

Just like in the previous guide, there’s an important caveat. You should know that these methods don’t guarantee that you haven’t been compromised. If you still aren’t sure, you should contact a professional, especially if you are a journalist, a dissident or activist, or otherwise someone who has a higher risk of being targeted. In those cases, the non-profit Access Now has a digital security helpline that will connect you to one of their experts.

Another caveat, if you don’t do this already, you should enable multi-factor authentication on all your accounts, or at least the most important ones (email, banking, social media). This directory is a great resource that teaches you how to enable multi-factor authentication on more than 1,000 websites. (Note that you don’t have to use the multi-factor app promoted on that site, there are plenty of other alternatives.) 

Increasingly some online services offer the use of a physical security key or a passkey stored in your password manager, which is one of the highest safeguards to prevent account intrusions that rely on password-stealing malware or phishing.

Gmail lists all the places your account is active

The first thing you should do if you suspect someone has broken into your Gmail account (and by extension all the other Google services linked to it) is to scroll all the way down in your inbox until you see “Last account activity” in the bottom right corner.

Click on “Details.” You will then see a pop-up window that looks like this: 

A list of recent account activity on Google's account page, including IP addresses and browser types.
A list of recent account activity on Google’s account page. Image Credit: TechCrunch

These are all the places where your Google account is active. If you don’t recognize one of them, for example if it comes from a different location, like a country you haven’t visited recently or never been, then click on “Security Checkup.” Here you can see what devices your Google account is active in.   

Google's Security Checkup Page, including a view that shows
Google’s Security Checkup Page, including a view that shows “where you’re signed in.” Image Credits: TechCrunch.

If you scroll down, you can also see “Recent security activity.”

a screenshot of recent security activity on Google's Security Checkup Page
Recent security activity on Google’s Security Checkup Page. Image Credits: TechCrunch

Check this list to see if there are any devices that you don’t recognize. If in any of these places above you see something suspicious, click on “See unfamiliar activity?” and change your password:

a dialog window that says
Changing your Google account password. Image Credits: TechCrunch

After you change your password, as Google explains here, you will be signed out of every device in every location, except on the “devices you use to verify that it’s you when you sign in,” and some devices with third-party apps that you’ve granted account access to. If you want to sign out there too, go to this Google Support page and click on the link to “View the apps and services with third-party access.”

a screenshot showing a Google help page describing common questions about account access.
Removing third-party access to your Google account. Image Credits: TechCrunch

Finally, we also suggest considering turning on Google’s Advanced Protection on your account. This enhanced security protection makes phishing your password and hacking into your Google account even harder. The drawback is that you need to purchase security keys, hardware devices that serve as a second-factor. But we think this method is important and a must-use for people who are at a higher risk. 

Also, remember that your email account is likely linked to all your other important accounts, so getting into it could turn out to be the first step into hacking into other accounts. That’s why securing your email account is more important than virtually any other account.

Outlook and Microsoft logins are in the account settings

If you are concerned about hackers having accessed your Microsoft Outlook account, you can check “when and where you’ve signed in,” as Microsoft puts it in the account settings.

To go to that page, go to your Microsoft Account, click on Security on the left-hand menu, and then under “Sign-in activity” go to “View my activity.” 

a sign-in activity checker window for MIcrosoft accounts.
Checking recent sign-in activity on your Microsoft account. Image Credits: TechCrunch

At this point, you should see a page that shows recent logins, what platform and device was used to log in, the type of browser, and the IP address.  

a screenshot showing recent activity, including device, platform and approximate location of the user
Checking recent activity on your Microsoft account. Image Credits: TechCrunch

If something looks off, click on “Learn how to make your account more secure,” where you can change your password, check “how to recover a hacked or compromised account“, and more.  

Microsoft also has a support portal with information on the Recent activity page.

As we noted above, your email account is the cornerstone of your online security, given that it’s likely that most of your important accounts — think social media, bank, and healthcare provider etc. — are linked to it. It’s a popular target for hackers who want to then compromise other accounts. 

Like other email providers, Yahoo (which owns TechCrunch) also offers a tool to check your account and sign-in activity with the goal of allowing you to see any unusual activity that could be a sign of compromise. 

To access this tool, go to your Yahoo My Account Overview or click on the icon with your initial next to the email icon on the top right corner, and click on “Manage your account.” 

a screenshot showing the
Accessing your Yahoo account information. Image Credits: TechCrunch

Once there, click on “Review recent activity.” On this page you will be able to see recent activity on your account, including password changes, phone numbers added, and what devices are connected to your account, and their corresponding IP addresses. 

a recent activity window for Yahoo account users, which includes a log of recent account actions, such as password changes.
Checking recent account activity on your Yahoo account. Image Credits: TechCrunch
another screenshot showing Yahoo account activity, including browser version, location and sign-in history
Checking recent account activity on your Yahoo account. Image Credits: TechCrunch

Given that it is likely that you have linked your email address to sensitive websites like your bank’s, your social media accounts, and healthcare portals, among others, you should make an extra effort to secure it. 

Ensure your Apple ID is safe

Apple allows you to check what devices your Apple ID is logged in directly through the iPhone and Mac system settings, as the company explains here

On an iPhone or iPad, go to “Settings,” tap your name, and scroll down to see all the devices that you are signed in on. 

a screenshot on an iPhone showing all the logged in devices on an Apple account.
A screenshot on an iPhone showing all the logged in devices on an Apple account. Image Credits: Apple

On a Mac, click on the Apple logo on the top left corner, then “System Settings,” then click on your name, and you will also see a list of devices, just like on an iPhone or iPad. 

A screenshot on a Mac showing all the logged in devices on an Apple account.
A screenshot on a Mac showing all the logged in devices on an Apple account. Image Credits: Apple

If you click on any device, Apple says, you will be able to “view that device’s information, such as the device model, serial number,” and operating system version.

On Windows, you can use Apple’s iCloud app to check what devices are logged into your account. Open the app, and click on “Manage Apple ID.” There you can view the devices and get more information on them.

Finally, you can also get this information through the web, going to your Apple ID account page, then clicking on “Devices” in the left hand menu. 

A screenshot on a browser view showing all the logged in devices on an Apple account.
A screenshot on a browser view showing all the logged in devices on an Apple account. Image Credits: Apple

How to check Facebook and Instagram security

The social networking giant offers a feature that lets you see where your account is logged in. Head to Facebook’s “Password and Security” settings and click on “Where you’re logged in.” 

a screenshot of a logged-in Facebook account Account login activity showing recently and all signed in devices attached to that account.
Account login activity for a Facebook account. Image Credits: TechCrunch

In the same interface you can also see where you are logged in with your Instagram account, provided it’s linked to your Facebook account. If the accounts are not linked, or you just don’t have a Facebook account, go to Instagram’s “Account Center” to manage your Instagram account and click on Password and Security, and then “Where you’re logged in.” 

Here you can choose to log out from specific devices, perhaps because you don’t recognize them, or because they are old devices you don’t use anymore. 

Just like Google, Facebook offers an Advanced Protection feature as well as for Instagram, which essentially makes it harder for malicious hackers to log onto your account. “We’ll apply stricter rules at login to reduce the chances of unauthorized access to your account,” the company explains. “If we see anything unusual about a login to your account, we’ll ask you to complete extra steps to confirm it’s really you.” 

If you are a journalist, a politician, or otherwise someone who is more likely at risk to be targeted by hackers, you may want to switch on this feature. 

It’s easy to see whether your WhatsApp is safe

In the past, it was only possible to use WhatsApp on one mobile device only. Now, Meta has added functionalities for WhatsApp users to use the app on computers, and also directly via browser. 

Checking where you logged in with your WhatsApp account is simple. Open the WhatsApp app on your mobile phone. On iPhones and iPads, tap on the Settings icon in the bottom right corner, then tap on “Linked devices.” 

There, you will be able to see a list of devices, and by clicking on one of them you can log them out. 

a screenshot showing all the linked devices attached to this WhatsApp account
Checking linked devices on a WhatsApp account. Image Credits: TechCrunch
another screenshot showing the linked devices attached to this WhatsApp account
Checking linked devices on a WhatsApp account. Image Credits: TechCrunch

On Android, tap on the three dots in the top right corner of the WhatsApp app, then tap “Linked devices” and you will see a page that’s very similar to what you would see on Apple devices.

Signal also lets you check for anomalies

Like WhatsApp, Signal now lets you use the app via dedicated Desktop apps for macOS, Windows, as well as Linux. 

a screenshot on an iPhone showing all the linked devices attached to this Signal account
Looking for linked devices attached to a Signal account. Image Credits: TechCrunch

From this screen of Linked Devices, you can tap on “Edit” and remove the devices, which means your account will be logged out and unlinked from those devices. 

X (Twitter) lets you see what sessions are open

To see where you are logged into X (formerly Twitter), go to X Settings, then click on “More” on the left hand menu, click on “Settings and privacy,” then “Security and account access,” and finally “Apps and sessions.”

From this menu, you can see what apps you have connected to your X account, what sessions are open (such as where you are logged in), and the access history of your account. 

You can revoke access to all other devices and locations by hitting the “Log out of all other sessions” button.

a screenshot showing all the logged in sessions on an X account from the web interface
Looking at the logged-in sessions on an X account. Image Credits: TechCrunch
a screenshot showing all the account access history on an X account from the web interface
Looking at the account access history on an X account. Image Credits: TechCrunch

More articles

Latest article