You knew — at least in theory — that it can happen to anyone.
But it’s still a shock that it’s happened to you. You’ve dropped your guard just a little, and some nasty cybercrook has taken the gap — infiltrating your workplace account or your bank account or hacking into some other part of your online footprint.
It’s a horrible invasion of your privacy. Someone is trying to steal your identity, and they’ve already taken the first step.
So what should you do? First of all, don’t panic – act now!
There are ways to fix this quickly.
Ready? Let’s do it.

Step 1: change all your passwords
Do this immediately. It will lock the attackers out of any account they have already invaded and stop them doing any further damage. Start with the most sensitive accounts — your work profile, your online banking profiles, all your email accounts, and any credit or investment accounts. Then move on to all your social media accounts, and any accounts at online stores or platforms where payments or purchases can be made easily, without entering your credit card details. Think Uber, media streaming services and software subscriptions.
Also, on all these accounts, check that your listed recovery email addresses and numbers are still yours, and still secure.
NB: it’s important to use a password manager to create strong, unique passwords that will prevent hacks in the future.


Step 2: add multi-factor authentication
Now let’s add an extra layer of security by enabling multi-factor authentication (MFA) on your accounts, which backs up your password security. MFA methods include one-time PINs (sent either by SMS or by email) whenever you add a beneficiary, or whenever you log into a platform using a new device. You may already have MFA in place for some accounts, but add it to the profiles on which you don’t.

Step 3: assess the damage
Next, we need to check which accounts and what kinds of information have been compromised. Look at your bank statements, your SMS notifications and your work and personal email inboxes. Do you see anything that looks strange? Are there any transactions or approval requests that you don’t recognise? Also, on all your devices, check the list of connected devices: if any unfamiliar devices are connected to them, remove those connections (revoke access).

Step 4: lock down your money
You may have seen that a bank card or account has already been used by the hackers. If so, call your bank’s fraud helpline immediately and ask them to cancel any cards that have been fraudulently used, and freeze your internet banking profile if an Electronic Funds Transfer (EFT) has been made to a suspicious new beneficiary. You may not need to cancel any other debit or credit cards, provided that the following two things are true:

- You are certain that you have not used those cards while unaware that your account was hacked — because the attackers might then have recorded your passwords and security codes, and might not yet have used those details in a fraudulent transaction.
- You have already changed the login details — username and password — needed to use those other cards.

Contact one of the major credit bureaus to place a fraud alert on your credit file. Consider freezing your credit to prevent new accounts from being opened in your name.

Step 5: keep a look out
Start keeping a close eye on your financial accounts and credit reports for any unusual activity. If your identity documents have been compromised, the hackers could try to open a store credit account in your name, for example. Use free credit monitoring services, if available, to scan for fraudulent use of your identity to obtain credit.

Step 6: lock down your devices
Now it’s time to ensure your devices — smartphone, laptop, desktop PC and tablet — are protected with updated antivirus software and security patches. Ask your workplace IT support team for help with securing your work devices, and then replicate these protections on your personal devices, where possible.

Step 7: report the attack
If you haven’t already notified your bank and credit card companies (as part of step four), then do so now. If you have lost funds, or if information that remains sensitive has been stolen (i.e. not just login details that have been changed), then report the case to the police, preferably a specialist anti-cybercrime unit. This step could be important for claiming on any insurance that could cover your loss, and may also result in the hackers being caught.
Next, warn your network: let your close contacts know that your email account has been compromised and to be wary of any suspicious emails or messages seemingly coming from you.

Step 8: list your accounts
Now that you’ve done all the urgent stuff, use this opportunity to create an offline or encrypted list of all your major online accounts and profiles. Note all their usernames, associated email addresses and recovery email addresses. This will help you maintain good security — and react quickly if another hack ever happens.

Step 9: breathe in and breathe out
You’ve done what you can at this point. How do you feel? Hopefully a bit calmer and more confident, now that you’ve patched up your security and regained control of your digital identity.
Being hacked is an unbelievably common experience these days. To avoid going through this again and again, we have to take responsibility for protecting ourselves, our identity, our family and our workplace. That means we have to become a bit obsessive — paying regular attention to the boring details of our online security.
That may sound like a big drag. But getting hacked is a much bigger drag.
Sorry that this happened to you!
From hacked to act — now you know what to do.
But if something still doesn’t feel right, don’t leave it to chance. Report it.
Email our Cyber Defence team at phishingreport@sappi.com or speak to your local IT department.
If it feels wrong, don’t let panic lead — act smart, stay secure.