Right. Take a breath. We will help you sort this.
If you think your computer, email or an account has been hacked, the first ten minutes matter. Below is what to do right now, then a number you can call.
Three calm steps, in order.
These work for most of the situations we see. If something does not match, skip to step four and just call us. We will talk you through it.
01
Disconnect, do not power off
If a device is showing pop-ups, ransom screens or behaving strangely, take it off Wi-Fi. Pull the Ethernet cable if there is one.
- Do not turn the device off. We may want to look at what is running.
- Do not pay anything. Ransoms rarely give the data back.
- Note the time and what you saw on screen if you can.
02
Change the most important password
From a different device, change your main email password. That is the account most other accounts can be reset from.
- Use a different device, ideally a phone you trust.
- Pick a long passphrase, not "Password123".
- If you have a password manager, change in there and let it sync.
03
Turn on two-factor where you can
If 2FA was not already on for email, banking and the main social accounts, turn it on now. App-based, not text where possible.
- Microsoft, Google, Apple all have it in their security settings.
- Authenticator apps are stronger than SMS codes.
- Print or save the backup codes when offered.
The three most common scenarios we see.
Scenario 01
Ransomware on a PC
Files are locked, there is a message demanding a payment in cryptocurrency, the desktop background may have changed.
What to do
Do not pay. Disconnect the device from the network and leave it on. Call us. If we have a backup we restore from there. If not, we work out what is recoverable.Scenario 02
Email account taken over
Strange sent items, contacts saying they have had odd emails from you, password reset emails you did not ask for.
What to do
Change the email password from a separate device. Turn 2FA on. Check the sent folder and rules / filters. Tell your contacts. Call us if anything in the inbox is sensitive.Scenario 03
Clicked a phishing link
You clicked a link, then thought "that was not right", or your browser warned you, or you typed credentials into a fake page.
What to do
Change any password you may have entered. Turn on 2FA. Run a virus scan. Tell us what page it was so we can check it. If it was a work login, tell your team immediately.
§ 04 · Helpful next
A few useful things while you wait for us.
- Check a suspicious email
Our free heuristic checker. Paste the email, get a plain-English read.
- Check if your email is in a breach
Type your email at Have I Been Pwned to see if it has appeared in a known leak.
- How we usually help afterwards
MFA, password manager, backups, sensible defaults. The boring fixes that actually matter.
- Official NCSC advice
The UK National Cyber Security Centre's plain-English guidance for home and work.
If money has already moved, contact your bank's fraud line first, then us. If a business email account has been compromised and you handle personal data, you may also need to think about ICO breach reporting. We can help you decide.
§ 05 · Get in touch
Need a real person now?
Tell us what is happening in your own words. We will reply the same working day, sooner during opening hours. No fix, no fee on the diagnostic.