If you think your account may have been compromised, but you're not sure, please do the following:
- Look at your Login Logs for anything suspicious. Your login logs can be seen by going to your Settings → Password & Security screen. When on this page, click Review next to your logged in sessions, and then click View all logins in the last 4 weeks. Here, you can see if there are any logins you don't recognize.
- On your Settings → Password & Security screen, you can also check for any currently logged in sessions and remotely log out any that you don't recognize as you.
What makes a login suspicious?
- A login at a time you know you weren't on your account. Be mindful that computers that are left on can be continuously checking. Likewise, mobile devices will also check in the background.
- A login from a location you haven't been to. Be aware that the IP address shown for a login is only approximate: it's not uncommon to see an IP address showing as a different town or even state than your actual location. Your location may also not be accurate when connected to a mobile network, and the location may show as the IP address of either a device or ISP that you're using.
Securing your account
Even if you don't see any supicious logins, you may have other reasons to believe your account details have been stolen. As such, it's a good idea to follow the steps below.
Scan your computers for malware using software from a reputable company. One way that accounts are commonly compromised is through key-logging malware.
If you can still log in, change your password immediately. If you can't log in and need to reset your password, please use our account recovery tool. If you're having trouble with the account recovery tool, please contact our support team and explain the situation, and they will assist you further.
Once you have access to your account, we highly recommend enabling two-step verification to make it a lot harder for your account to be compromised.