Morgan Stanley
  • Wealth Management
  • Sep 21, 2022

Know What To Do If You Think You've Been Hacked

Know the steps to take if and when your identity, accounts, devices or information is compromised.

While you can’t eliminate the risk of being a victim of a cybercrime, you can control how you react if your identity, accounts, devices or information is compromised. Responding quickly and comprehensively limits the damage from being hacked, facilitates a rapid recovery and provides you with some needed peace of mind.

So, let’s look at common cyber attack scenarios and the steps you should immediately take afterward.

Stolen Social Security Number

Scenario: After filing your taxes, you get a notice from the Internal Revenue Service stating your return was rejected because a return was already filed using your Social Security Number (SSN). This is a classic case of identity theft. What are your next steps?

  1. Report the SSN theft at IdentityTheft.gov and file a local police report.
  2. Freeze your credit at all major credit bureaus (Equifax, Experian and TransUnion) to prevent fraudsters from establishing new lines of credit with your identity.
  3. Continue to monitor your existing lines of credit for signs of account fraud.
  4. Keep a record of and close any fraudulent account opened using your SSN immediately. Then report it to the fraud department of the credit card company or bank involved, as well as the major credit bureaus.
  5. Visit the Federal Trade Commission site if you need more information.

Hacked Email Account

Scenario: You start hearing from your contacts saying they’re getting emails from your account asking them to wire money to you, or maybe click on a suspicious link. Chances are a cybercriminal stole your email password and now has access to your account. So, what should you do?

  1. Use a reputable antivirus product to remove any malware infection on your devices.
  2. Ensure you also have the latest versions of your browser, operating system and software on your devices.
  3. Change your email password to something lengthy and unique. (Make sure to do it from a clean, malware-free device.) Consider using a password manager to create and securely store your passwords.
  4. Use Multi-Factor Authentication (MFA) as another layer of protection to help confirm your identity and protect access to your accounts. Examples of MFA options include security keys, push notifications, biometrics and authenticator apps.
  5. Look for unusual activity with your social media accounts and check your email filters for any changes to your account (such as emails being set to auto-forward).
  6. Make sure any other online accounts that use your hacked email address as the account’s registration address haven’t been impacted.
  7. Alert your contacts about the attack. Remind them to ignore suspicious emails and avoid clicking on links in emails.
  8. Review any specific guidance given by your email provider about restoring your account.
The best way to identify and clean up a malware infection is to install and run a reputable antivirus product.

Computer Infected by Malware

Scenario: Strange ads start popping up on your computer. It’s running slower than normal, too. Could be that you fell prey to an online scam and clicked on a link you shouldn’t have, or perhaps downloaded content from an untrustworthy site. Malicious software has taken control of your machine. Now what?

  1. Use a reputable antivirus product to clean up the malware infection on your devices.
  2. Contact an IT or computer professional to remove the malware if the problem persists after using your antivirus product. This is especially true of ransomware, a type of malware that locks your device or encrypts your electronic files and demands a ransom to have them restored.
  3. Make sure your operating system, browsers and software are up to date. Turn on automatic updates when available as these upgrades often include important security enhancements.

Change the passwords on any online accounts used while your computer was infected. But, create the new passwords from a malware-free device – not your infected computer.

Fraud with Credit Cards

Scenario: You notice several charges to your credit card from a surf shop in Venice Beach, California. Only problem? You live in Iowa and have never surfed a day in your life. It appears a cyberthief stole your credit card number and is on a shopping spree. What are your next steps?

  1. Contact your credit card provider immediately to alert them to this credit card theft. In most cases, your provider will detect any fraud before you do and will reject the charges and send you a new card.
  2. Make sure to update any automatic payments connected with your old credit card.
  3. Consider receiving security credit fraud alerts that warn you when logins from unrecognized devices to your accounts occur, or if your password changes.

Phone Number Hijacked or Ported

Scenario: Your cell phone suddenly stops working. You can’t text or make calls, or even receive messages. You may be the victim of a phone porting scam. You feel panicked. So much of your life is connected to that phone. What’s more, you have all of your financial accounts set up with multi-factor authentication, with a one-time passcode sent to you via SMS. This means the fraudster could intercept the passcode and possibly infiltrate your accounts. What should you do?

  1. Contact your mobile carrier and financial institutions immediately to let them know that a porting attack (which happens when a fraudster convinces your mobile carrier to transfer your number to a new device) has occurred.
  2. Help protect yourself from future attacks by requesting your carrier add additional security measures whenever a porting change has been requested. Many carriers will let you set a passcode for your account so that anyone who calls to make changes will have to provide the passcode.

Getting Support after a Cyber Attack

It’s easy to feel overwhelmed, helpless or even violated after you’ve been hacked. But, taking immediate corrective measures can alleviate the damage following a breach, and allow you to feel back in control.

Also, your Morgan Stanley Financial Advisor is prepared to assist you with securing your financial accounts and can direct you to other resources for additional help.

Reporting an Online Security Concern

If you suspect you may be the victim of fraud or identity theft, or if you notice suspicious account activity or receive a questionable email or text that appears to be from Morgan Stanley, please contact us immediately at


888-454-3965
(24 hours a day, 7 days a week)