Last week, I got an email from a friend inviting me to a party. I clicked the link, but the invite didn’t open. I did it a few more times and then had the sinking feeling….this is a fake email. I sent my friend an email asking if he’d sent out an invite to a party, and he said no… It was probably a fake. I know not to click on suspicious links, but I was tricked into opening it because I knew the person.
I started getting emails from a few friends asking if I’d invited them to a party, and I knew something was wrong. So I changed the password on my email, ran a virus Scan, and hoped my computer wouldn’t be damaged.
I wanted to share this experience to remind everyone NOT to click links that look suspicious or that you don’t know the sender. Here are some tips if you do get hacked!
Most people imagine hacking as someone “breaking into” their computer and rummaging around. In reality, it’s often much simpler — and sneakier. When you click a malicious link, a few things might happen behind the scenes:
Your email credentials may be stolen
Some fake links lead to pages designed to capture your login information. Once someone has your password, they can sign in and send emails pretending to be you.
Malware can be installed.
Not every suspicious link installs malware, but it’s always a possibility. But Malicious software can:
- Track your keystrokes
- Steal stored passwords
- Redirect your web pages
- Send messages from your account
- Slow down or damage your computer
Your email account may be used to spread the scam, as happened in my case.
This is often the first sign that something is wrong. If friends start receiving strange messages from you, it usually means someone gained access to your account and is using your contact list to keep the scam going.
What To Do Once You Realize You’ve Been Hacked
These steps help contain the damage and protect you going forward.
Change your password immediately
Choose a strong, unique password you don’t use anywhere else.
If the hacker had access, this locks them out.
Turn on two-factor authentication (2FA)
This adds a second step — usually a code sent to your phone — so even if someone has your password, they can’t get in.
Run a full antivirus or security scan
This checks for malware or unwanted programs that may have been installed.
Check your “Sent” folder and account activity. Here is what to look for:
- Emails you didn’t send
- Login attempts from unfamiliar locations
- Settings changes (like forwarding rules)
If anything looks off, report it to your email provider.
Alert your contacts
- Let people know not to open anything suspicious that appears to come from you. A simple, calm message works best. If you have a lot of contacts, try to reach the ones you email most.
- Put a note on social media about the hack. Keep it short and recommend that people check for suspicious emails and delete them.
Monitor your bank accounts for unusual activity
- If the same password was used elsewhere (banking, shopping, social media), change those too.
- Notify your bank if you see any suspicious activity on your account.
Last but not least… know that even the most tech-savvy people get fooled. Scammers rely on trust — especially when a message appears to come from someone you know. The goal isn’t to feel embarrassed; it’s to stay alert and help others stay safe, too.
Thanks for reading, and stay safe!
