Account Hijacking: What it is, signs to spot, and how to stop it

Account Hijacking

What it is (in plain words):
Account hijacking is like someone slipping into your online life and wearing your name tag. They post as you, peek at your messages, even lock you out. It often starts small — a fake login page, a weak password — and suddenly a stranger is in your space.

How it happens:

  • Phishing pages that look real

  • Malware that steals saved logins

  • Weak or reused passwords

  • Stolen 2FA codes (SIM swap, fake prompts)

Signs to watch for:

  • New logins or devices you don’t recognize

  • Password or recovery info changed

  • Posts, messages, or purchases you didn’t make
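
If your service lets you export or view an activity log, the three signs above can be checked automatically. This is an added example, not part of the original article: the event fields, device names, and the 24-hour window are assumptions, and the log entries are constructed sample data.

```python
from datetime import datetime, timedelta

# Constructed sample activity log; field names are assumptions, not a real export format.
EVENTS = [
    {"time": "2024-05-01T08:00:00", "type": "login", "device": "laptop-A"},
    {"time": "2024-05-03T02:14:00", "type": "login", "device": "unknown-X"},
    {"time": "2024-05-03T02:16:00", "type": "password_change", "device": "unknown-X"},
    {"time": "2024-05-03T02:17:00", "type": "recovery_change", "device": "unknown-X"},
    {"time": "2024-05-03T02:30:00", "type": "message_sent", "device": "unknown-X"},
    {"time": "2024-05-04T09:00:00", "type": "password_change", "device": "laptop-A"},
]
KNOWN_DEVICES = {"laptop-A", "phone-B"}          # devices the owner recognizes
SENSITIVE = {"password_change", "recovery_change"}
ACTIVITY = {"message_sent", "post", "purchase"}
WINDOW = timedelta(hours=24)                     # assumed correlation window

NEW_LOGIN = "login from unrecognized device"
CHANGED = "password or recovery info changed after unrecognized login"
UNEXPECTED = "activity from unrecognized device"

def find_signs(events, known_devices, window=WINDOW):
    """Return (time, sign, device) tuples for the three signs listed above."""
    findings = []
    last_unknown_login = None  # time of the most recent unrecognized login
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        when = datetime.fromisoformat(ev["time"])
        unknown = ev["device"] not in known_devices
        if ev["type"] == "login":
            if unknown:
                last_unknown_login = when
                findings.append((ev["time"], NEW_LOGIN, ev["device"]))
        elif ev["type"] in SENSITIVE:
            # A change counts as a sign when it closely follows an unrecognized
            # login, whichever device the log attributes it to.
            if last_unknown_login is not None and when - last_unknown_login <= window:
                findings.append((ev["time"], CHANGED, ev["device"]))
        elif ev["type"] in ACTIVITY and unknown:
            findings.append((ev["time"], UNEXPECTED, ev["device"]))
    return findings

if __name__ == "__main__":
    for time, sign, device in find_signs(EVENTS, KNOWN_DEVICES):
        print(f"{time}  {device:10}  {sign}")
```

The last password change in the sample is not flagged: it comes from a recognized device more than 24 hours after the unrecognized login, which is what the owner resetting the password from a clean device looks like.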

If it happens, do this now:

  1. Change the password from a clean device

  2. Turn on 2-step verification (MFA)

  3. Sign out of other sessions; remove unknown devices

  4. Scan your device and update it

  5. Tell contacts that recent messages might be fake

Prevent it:

  • Use strong, unique passwords (a manager helps)

  • Keep MFA on; prefer an app or security key over SMS

  • Double-check the web address before logging in

  • Keep your system and apps up to date


Hijacking = someone acting as you. Act fast and lock it down.

