4 Signs Your Online Accounts May Have Been Compromised

4 Signs Your Online Accounts May Have Been Compromised

Survey showed that online fraud could happen to one in every ten people, and there’s a chance you can be an unsuspecting victim. We’ve had our fair share of fraud incidents and consistent attempts at breaching some of our critical online accounts – Gmail, Paypal, online banking and much more.

Not many people can immediately notice it while others will only discover it after they’ve already been victimized.

Here are four sure signs that will help tell you if your online accounts have been compromised.

Suspicious Account Activity

One of the more prominent signs that your account has been compromised is that it’s showing weird activities. Here are some examples of uncommon behaviors that a compromised account may exhibit:

E-mail accounts

  • Messages you didn’t send are bouncing back.
  • Messages you didn’t send are appearing in your sent mail.
  • Your contacts are receiving e-mails that you did not send.
  • Your account folders (inbox, sent, deleted, etc.) has been emptied.
  • Your e-mail settings have been changed but not by you.
  • You keep on getting bumped offline when you sign in to your account.
  • You are no longer receiving new e-mails.
  • During sign-in or when sending a message, you’re asked to pass an image challenge.

Social Media Accounts

  • Your account is posting links on your wall or news feed on its own.
  • Your account is sending messages to your contacts that you did not send.
  • Your personal information (name, birthday, address, etc.) has been changed.
  • You are being logged out from your account.
  • You can no longer log in to your account.

Online Bank Accounts or Credit Cards

  • Unauthorized purchases.
  • Unauthorized subscriptions. (ex. subscriptions to online magazines, a monthly supply of a certain product)

System alerts

Most, if not all, emails and social media platforms have built-in security systems that notify their users of any account changes being made to the account; Some even offer layers of added security like secondary pins or 2-factor verifications aside from passwords.


If you are receiving any of the following prompts or alerts without your doing it is possible that your accounts have been compromised:

  • Email alerts for request of a password change or reset. Although this entails that someone is trying to access your account and it is does not necessarily mean you have been compromised, take this as a warning.
  • A secondary device is receiving pins or prompts for login authentication without you’re doing — ex. G-mail has a 2-step login feature where you have to link a device to your email. Each time you log in to your account, your device would receive a prompt to authenticate the login.
  • Emails or alerts that you have logged in from a different location.

Unknown Activity History

If your accounts have recorded activities that you did not do or remember, then your account may have been compromised. Here are a few examples:

  • Google has their own My Activity page where it records all the activities that you do with the various apps that they have, if any of these activities were not done by you then it is possible that you have been compromised.
  • Microsoft has a Recent Activity feature where it records when and where you’ve used your Microsoft account, the page has its own built-in alert system when it detects weird activity in your account. But still, if you see any activity you haven’t done then it’s possible that you may have been compromised.

Unrecognized Devices in Authorized List

Many of the popular sites, like Google and Facebook, provide you with a list of devices that you’ve authorized to gain access. You can check this in the settings portion of your account.

If you notice that there are devices in your “Authorized” list that are not yours then it may be possible that you have been compromised.

Be extra alert!

Being alert and aware of these potential attempts can save you a lot of headache and money. Just do the routine checks on a regular basis so you can easily spot them even before the culprits can actually get in. We’re working with Globe Telecom on a series of #makeITsafePH articles and guides to help you be more informed and attentive when logging online.

More #makeITsafePH security tips:

Zen Estacio is a Multimedia Producer for YugaTech. He is the team's laptop guru and one of their resident gamers. He has a monthly column compiling the latest and greatest the Nintendo Switch has to offer. Aside from that, he regularly writes gaming news, reviews, and impressions. You can hit him up at @papanZEN

You may also like...

5 Responses

  1. Maiba Lang says:

    nakow hindi lang online… yung mga nagbabahay-bahay na taga-NSO daw… hingan ninyo ng ID o kaya huwag ninyo ilagay ng kumpleto yung info inyo.

  2. Mark Alvin Chua says:

    Note though that receiving a “reset password” or “recover password” message in your email for other accounts without you requesting it does not necessarily mean your account has already been compromised. Most likely someone is trying to gain access to (compromise) your account but have not yet. The article seems to imply that receiving these messages means that you are already compromised.

    Though I could be wrong.

    • Zen Estacio says:

      Hi Mark!

      Thank you for bringing that up i may have missed adding the explanation, In any case i have updated the article.

  3. silverlokk says:

    Messages you didn’t send are bouncing back.

    Your contacts are receiving e-mails that you did not send.

    Not necessarily signs of a compromised account. It’s so easy to send mail from an email address other than your own. I can, e.g., send mail supposedly from the yugatech.com domain, say [email protected], and if it bounces, it’ll go to the address I faked ([email protected]), not my own.

    Although the sending email faked with an address other than one’s own is probably even a criminal offense, a violation of the E-Commerce Act

Leave a Reply


%d bloggers like this: