While you can’t eliminate the risk of being a victim of a cybercrime, you can control how you react if your identity, accounts, devices or information is compromised. Responding quickly and comprehensively limits the damage from being hacked, facilitates a rapid recovery and provides you with some needed peace of mind.

So, let’s look at common compromise scenarios and the steps you should take immediately afterward.

Stolen Social Security Number

Scenario: After filing your taxes, you get a notice from the Internal Revenue Service (IRS) stating your submission was rejected because a return was already filed using your Social Security number (SSN). This is a classic case of identity theft. What are your next steps?

1.   Report the SSN theft using identitytheft.gov and file a local police report.

2.   Freeze your credit at all major credit bureaus (Equifax, Experian, TransUnion and Innovis) to prevent fraudsters from establishing new lines of credit with your identity.

3.   Keep a record of any fraudulent activity and close accounts that were opened using your SSN. Then, report it to the fraud department of the credit card company or bank involved, as well as the major credit bureaus.

4.   Contact your Morgan Stanley Financial Advisor and alert them.

5.   Continue to monitor your existing lines of credit for signs of account fraud. Ask your Financial Advisor about Morgan Stanley’s identity and credit protection offering with Experian® through our CashPlus program for brokerage accounts.

Hacked Email Account

Scenario: You start hearing from your contacts saying they’re getting emails from your account asking them to wire money to you, or maybe click on a suspicious link. Chances are a cybercriminal stole your email password and now has access to your account. So, what should you do?

1.   Change your email password to something lengthy and unique. (Make sure to do it from a clean, malware-free device.)

2.   Consider using a password manager to create and securely store your passwords.

3.   Review any specific guidance given by your email provider about restoring your account.

4.   Use multi-factor authentication (MFA) as another layer of protection to help confirm your identity and protect access to your accounts. Examples of MFA options include security keys, push notifications, fingerprints and facial recognition.

5.   Ensure you also have the latest versions of your browser, operating system and software on your devices.

6.   Make sure any other online accounts that use your hacked email address as the account’s registration address haven’t been impacted.

7.   Look for unusual activity with your social media accounts and check your email filters for any changes to your account (such as emails being set to auto-forward).

8.   Alert your contacts about the attack. Remind them to ignore suspicious emails and avoid clicking on links in emails.

9.   Use a reputable antivirus product to remove any malware infection on your devices.

Computer Infected by Malware

Scenario: Strange ads start popping up on your computer. It’s running slower than normal, too. Could be that you fell prey to an online scam and clicked on a phishing link, or perhaps downloaded content from an untrustworthy site. It’s likely malicious software has taken control of your machine. Now what?

1.   Use a reputable antivirus product to clean up the malware infection on your devices.

2.   Contact an IT or computer professional to remove the malware if the problem persists after using an antivirus product. This is especially true of ransomware, a type of malware that locks your device or encrypts your electronic files and demands a ransom to have them restored.

3.   Make sure your operating system, browsers and software are up to date. Turn on automatic updates when available as these upgrades often include important security enhancements.

4.   Change the passwords on any online accounts used while your computer was infected. Be sure to create the new passwords from a malware-free device, not your infected computer.

Credit Card Fraud

Scenario: You notice several charges to your credit card from a surf shop in Venice Beach, California. Only problem? You live in Iowa and have never surfed a day in your life. It appears a cyberthief stole your credit card number and is on a shopping spree. What are your next steps?

1.   Contact your credit card provider immediately with the number on the back of the card and alert them of the theft. In most cases, your provider will detect any fraud before you do, reject the charges and send you a new card.

2.   Make sure to update any automatic payments connected with your old credit card.

3.   Consider receiving security credit fraud alerts that warn you when logins from unrecognized devices to your accounts occur, or if your password changes.

Phone Number Hijacked or Ported

Scenario: Your cell phone suddenly stops working. You can’t text or make calls, or even receive messages. You may be the victim of a phone porting scam which happens when a fraudster convinces your mobile carrier to transfer your number to a new device. You feel panicked. So much of your life is connected to that phone. What’s more, you have all of your financial accounts set up with multi-factor authentication, with a one-time passcode sent to you via SMS. This means the fraudster could intercept the passcode and possibly infiltrate your accounts. What should you do?

1.   Contact your mobile carrier and financial institutions immediately to let them know that a porting has occurred.

2.   Help protect yourself from future attacks by requesting your carrier add additional security measures whenever a porting change has been requested. Many carriers will let you set a passcode for your account so that anyone who calls to make changes will have to provide the passcode.

Getting Support After a Cyber Attack

It’s easy to feel overwhelmed, helpless or even violated after you’ve been hacked. But, taking immediate corrective measures can alleviate the damage following a breach, and allow you to feel back in control.

Your Morgan Stanley Financial Advisor is prepared to assist you with securing your financial accounts and can direct you to other resources for additional help. With scams on the rise, protecting your assets and personal information remains our top priority. One way to protect yourself or your loved ones’ accounts from fraud and financial scams is to add a trusted contact.

A trusted contact is a person you designate to be contacted if we are unable to reach you or if there are concerns regarding your well-being or suspected financial exploitation. It is important to note that a trusted contact does not have permission to access account details, make decisions or perform any actions on your behalf. This individual serves as an additional layer of defense in case issues arise.