Been Hacked or Scammed? Here’s What to Do.

Share This

N/A

Been Hacked or Scammed? Here’s What to Do.

This page is for individuals and families dealing with a cyber incident: a hacked email or social account, an online scam, identity theft, a suspicious text, or a device that may be infected with malware.

Fusion Computing provides managed IT and cybersecurity services for Canadian businesses. We built this page because many people who contact us are individuals who need help fast but are not sure where to start. We do not provide home IT support or consumer device repair, but we want to point you to the right next step immediately.

If you need hands-on help with a personal computer, start with a reputable local repair provider. Canada Computers lists virus and malware removal services, and a strong local independent repair shop is often a good second option.

If you are a business owner or IT decision-maker dealing with a security incident at your company, skip this page and contact our team directly.

What to Do If Your Email Has Been Hacked

Your email account is the master key to everything else: banking, shopping, social media, government logins, password resets, and inbox-based identity verification. If someone controls your email, they may be able to reset access to many of your other accounts.

Step 1: Use a clean device if possible.
If you suspect the device itself may be infected, do not change passwords from that same device until you have run a full malware scan or switched to a different trusted device. Microsoft explicitly advises clearing malware before changing the password on a compromised account.

Step 2: Use your provider’s official recovery page.
Go directly to the official recovery flow for your provider. Do not search for recovery forms in Google while panicked — that creates room for phishing ads and fake support pages. Go straight to one of these:

If the attacker has changed your recovery email and phone number and the normal recovery process does not work, go directly to your provider’s official support site for advanced identity verification options.

Step 3: Change your password to something new and unique.
Use a strong password or passphrase you have never used anywhere else. Password reuse is what turns one compromised account into five. The Canadian Centre for Cyber Security recommends MFA to defend against credential stuffing, and Get Cyber Safe recommends password managers because they let you use strong, unique passwords across accounts. Fusion uses Keeper for business environments, and it works just as well for individuals and families.

Step 4: Turn on two-factor authentication (2FA).
Enable 2FA or MFA on the account as soon as you regain access. Where the service supports it, an authenticator app (Google Authenticator, Microsoft Authenticator, or the one built into Keeper) is preferable to SMS codes. SMS codes can be intercepted if your phone number is ported by an attacker (called SIM swapping). Authenticator apps are tied to your physical device and cannot be redirected.

  • Gmail: Settings > Security > 2-Step Verification
  • Outlook/Hotmail: Security settings at account.microsoft.com
  • Yahoo: Account Security > Two-step verification
  • Apple: Settings > [your name] > Sign-In & Security > Two-Factor Authentication

Step 5: Check for hidden persistence.
After you regain access, review:

  • Forwarding rules (Gmail: Settings > Forwarding and POP/IMAP; Outlook: Settings > Mail > Forwarding)
  • Recovery email and phone number
  • Connected apps and third-party access
  • Recent logins or devices
  • Sent mail

Attackers often do not lock you out immediately. They quietly add forwarding or change recovery details so they can come back later.

Step 6: Warn your contacts.
If suspicious messages were sent from your account, tell your contacts not to click links, open attachments, or send money.

Step 7: Change passwords on any other accounts that reused the same password.
That includes banking, shopping, cloud storage, and social media.

If you still cannot recover the account, report the incident through Canada’s national cybercrime and fraud reporting system and, if needed, by phone to the Canadian Anti-Fraud Centre at 1-888-495-8501.

What to Do If Your Social Media Has Been Hacked

Compromised social accounts are often used to scam your contacts, spread malicious links, impersonate you, or lock you out permanently.

Use the platform’s official recovery path:

After you regain access:

  • Change the password to something unique
  • Enable two-factor authentication
  • Review active devices and sessions
  • Remove suspicious apps or account connections
  • Delete fraudulent posts or messages
  • Review your profile information for changes to bio, photo, or contact details
  • Tell followers or contacts that the account was compromised

If you cannot recover the account, report it to the platform for takedown or disablement so the attacker cannot keep impersonating you.

What to Do If You’ve Been Scammed Online in Canada

If you sent money, shared account credentials, revealed card information, or responded to a scam message, speed matters.

Step 1: Stop communicating with the scammer.
Do not reply, negotiate, or pay additional “release fees,” “processing fees,” or “recovery fees.” The Canadian Anti-Fraud Centre warns that fraud victims are often targeted again by people pretending they can recover the money.

Step 2: Contact your bank or card issuer immediately.
Use the number on the back of your card or the number inside your banking app. Ask them to freeze or replace affected cards, review recent transactions, and note the fraud on your file.

Step 3: If the payment was an Interac e-Transfer, contact your bank immediately.
You can cancel an e-Transfer only if the recipient has not yet deposited the funds. If the recipient has Autodeposit enabled, the transfer deposits instantly and cannot be cancelled at all. Contact your bank immediately regardless — they may be able to help through other channels.

Step 4: If you paid with gift cards, report it right away.
Gift-card payments are a major fraud signal. The Government of Canada explicitly says that organizations like the CRA will never demand immediate payment in retailer gift cards.

Step 5: Report the incident nationally.
Use Report Cybercrime and Fraud, which routes reports to the RCMP and the Canadian Anti-Fraud Centre. You can also report to the CAFC by phone at 1-888-495-8501.

Step 6: File a report with your local police.
This helps create the paper trail you may need for disputes, insurance, or identity-theft cleanup. Ask for a case number and keep it.

Step 7: Change passwords anywhere you reused credentials or revealed information.

Common Canadian scam themes:

  • CRA impersonation: CRA warns that it will not demand or pressure immediate payment, and will never demand payment via gift cards.
  • Delivery-text scams: Canada Post warns that it will not text you asking for payment, banking information, or login details for deliveries.
  • Romance scams, tech-support scams, employment scams, marketplace scams (Facebook, Kijiji, Craigslist), and investment or cryptocurrency scams.

If you lost a significant amount of money, do not let embarrassment stop you from reporting it. Reporting helps investigators connect patterns and can protect other people.

What to Do If You’re a Victim of Identity Theft in Canada

Identity theft is when someone uses your personal information without permission to open accounts, apply for credit, redirect mail, commit tax fraud, or impersonate you financially.

Step 1: Contact both credit bureaus separately.
Do not assume one bureau will notify the other. Equifax Canada states that when you place an alert with Equifax, it only applies to your Equifax credit report, and you need to contact TransUnion directly. TransUnion confirms they do not share alert information with Equifax.

  • Equifax Canada: 1-800-465-7166
  • TransUnion Canada: 1-800-663-9980

Step 2: Ask for a fraud alert or identity alert on both files.
FCAC advises Canadians to ask both major bureaus to place a fraud alert on their credit report after fraud or identity theft.

Step 3: Add a consumer statement with your phone number.
At Equifax, an Identity Alert can include a personal statement and a mandatory phone number. In Ontario and Manitoba, this alert requires lenders to call and verify your identity before extending credit. In other provinces, lenders are encouraged but not legally required to call. FCAC confirms that adding a consumer statement is free. Equifax allows up to 800 characters.

A practical statement: “Potential identity theft. No new credit or account changes authorized without calling [your phone number] to verify.”

Contact TransUnion as well to add an equivalent alert and statement to your TransUnion file.

Step 4: Get both credit reports and review them carefully.
FCAC confirms that Canadians can access free credit reports from both Equifax and TransUnion. Review them for unfamiliar accounts, hard inquiries, addresses, employers, or phone numbers you do not recognize.

Step 5: Report the incident.
Report through Report Cybercrime and Fraud, file a police report, and contact your financial institutions. If your SIN may be misused, contact Service Canada at 1-866-274-6627.

Step 6: If a company exposed your data, consider the Privacy Commissioner route.
The Office of the Privacy Commissioner of Canada explains how organizations report privacy breaches and how individuals can file complaints.

Step 7: Document everything.
Keep a log of every call, report number, and letter. Identity theft resolution can take months. A clear paper trail makes every conversation easier.

Step 8: Monitor your credit reports for 12–24 months.
Set calendar reminders to check quarterly. Some identity thieves wait months before using stolen information.

Signs your identity may have been stolen:

  • Bills or collection notices for accounts you did not open
  • Calls from debt collectors about debts you do not recognize
  • Unexpected changes to your credit score
  • Mail that stops arriving (the thief may have redirected it)
  • Tax filing rejected because a return was already filed in your name
  • Medical bills for treatment you did not receive

Important note about credit freezes in Canada:
Credit-lock or credit-freeze functionality is currently available only to Quebec residents under the Credit Assessment Agents Act (Bill 53). TransUnion confirms that only Quebec residents are eligible, and Equifax Canada’s credit lock is also limited to Quebec. Outside Quebec, fraud alerts, identity alerts, consumer statements, and credit monitoring are the practical path.

How to Handle Phishing Emails and Suspicious Texts

Phishing is a fake email, text, or message designed to trick you into clicking a link, downloading a file, or giving away information. It is the most common way Canadians are targeted by cybercriminals.

Warning signs:

  • Creates urgency: “Your account will be suspended,” “Act within 24 hours”
  • Asks you to click a link to verify your identity, payment, or account
  • The sender’s email address does not match the organization it claims to be from
  • Uses a generic greeting (“Dear Customer”) instead of your name
  • Contains a link that goes somewhere unexpected (hover over it without clicking to check)
  • Asks for information the organization should already have

Note: AI-generated phishing is increasingly polished. Spelling and grammar errors are no longer a reliable indicator. Focus on the other signals above.

CRA warns Canadians not to click links or reply to scam messages pretending to be from the agency. Canada Post warns that suspicious delivery texts often use urgency, fake payment requests, and non-Canada Post links.

If you receive a suspicious message:

  • Do not click links or open attachments
  • Do not reply
  • If the message claims to be from your bank, CRA, or another real organization, contact that organization using its official website or the number on your card
  • Forward suspicious text messages to 7726 (SPAM). Get Cyber Safe recommends forwarding smishing texts to 7726.
  • Report phishing emails to the Canadian Centre for Cyber Security: [email protected] or 1-833-CYBER-88
  • Delete the message

If you already clicked a link or entered information:

  • Change the affected password immediately from a clean device
  • Enable two-factor authentication
  • Contact your bank if you entered financial information
  • Run a full malware scan
  • Report the incident through Report Cybercrime and Fraud

What to Do If Your Device Has Malware

If your computer or phone suddenly becomes slow, starts opening windows on its own, redirects your browser, floods you with ads, or shows ransom-style warnings, it may be infected.

Steps you can take yourself:

  1. Disconnect from Wi-Fi or unplug the network cable.
  2. Run a full malware scan. On Windows, Microsoft Defender Antivirus is built in and on by default in Windows 10 and 11. On Mac, Malwarebytes offers a free scan.
  3. Remove suspicious recently installed software. On Windows: Settings > Apps > Installed Apps, sort by install date.
  4. Remove suspicious browser extensions.
  5. Update your operating system and all applications.
  6. Change passwords for sensitive accounts from a different trusted device.

For phones:

  • iPhone: Update to the latest iOS, delete suspicious apps, restart. If problems persist, back up and factory reset.
  • Android: Run a scan with Google Play Protect (Settings > Security > Google Play Protect). Uninstall unfamiliar apps. Avoid installing apps from outside the Google Play Store.

When to get professional help:

If malware keeps coming back, if your device is locked by ransomware, or if you are not comfortable doing these steps yourself, take it to a reputable local repair provider. Canada Computers lists virus and malware removal services. A well-reviewed local independent repair shop is another reasonable option. Best Buy/Geek Squad and Staples Tech Services are additional options across Canada.

What to avoid:

  • Pop-ups claiming your computer is infected and telling you to call a number. Close the browser (Ctrl+Alt+Delete > Task Manager if needed). Do not call the number.
  • Unsolicited phone calls offering tech support. Microsoft, Apple, and Google will never call you about a virus.
  • Downloading antivirus software from pop-up ads. Legitimate antivirus tools come from their official websites.
  • Anyone demanding payment by gift card or e-Transfer to fix a virus.

Cybersecurity for Seniors: Helping an Older Family Member Stay Safe Online

Older adults are heavily targeted by fraud and scam activity in Canada. Government of Canada guidance aimed at older Canadians explicitly says they are targeted more than others, and Get Cyber Safe warns that vishing and voice-cloning tactics are making impersonation scams more convincing.

The main risks:

  • Government or police impersonation scams (CRA, RCMP, CBSA)
  • Tech-support scams (fake pop-ups or unsolicited calls)
  • Romance scams
  • Grandparent scams, now sometimes using AI voice cloning
  • Fake delivery or bank messages
  • Investment scams

Practical ways to help:

  1. Set them up with a password manager. Keeper offers family plans. They only need to remember one master password.
  2. Turn on MFA for email, banking, and social media.
  3. Turn on automatic updates so security patches install without them needing to do anything.
  4. Install a reputable ad blocker (uBlock Origin is free and effective) to reduce malicious pop-ups.
  5. Register their number on the National Do Not Call List to reduce telemarketing calls. This will not stop scammers but reduces background noise.
  6. Establish a family verification rule. If anyone calls claiming to be a family member in trouble or demanding money, the person hangs up and calls that family member directly on their known number before doing anything.
  7. Encourage them to call you before clicking, paying, or sharing information. The single most protective habit.
  8. Consider call screening. Many Canadian carriers and devices provide spam-call filtering or call-control features, but the options vary by provider.

If they have already been scammed:

Do not blame them. Help them report to the CAFC (1-888-495-8501), contact their bank, and file a police report. Then help them put the protections above in place to prevent it from happening again.

Most importantly, keep shame out of it. Older adults who feel embarrassed are less likely to ask for help early. These are professional criminal organizations that manipulate people for a living.

For more guidance, Get Cyber Safe has resources specifically designed for Canadians.

Canadian Cybersecurity and Fraud Reporting Resources

Report Cybercrime and Fraud
Canada’s national reporting system for cybercrime and fraud, tied to the RCMP and CAFC.

Canadian Anti-Fraud Centre (CAFC)
Phone: 1-888-495-8501

Canadian Centre for Cyber Security
Phone: 1-833-CYBER-88 (1-833-292-3788)
Email: [email protected]

Get Cyber Safe (Government of Canada)
Public awareness program with practical cybersecurity guidance for individuals and families.

Equifax Canada
Fraud and identity-alert line: 1-800-465-7166

TransUnion Canada
General support: 1-800-663-9980

Service Canada
If your SIN may be compromised: 1-866-274-6627

Office of the Privacy Commissioner of Canada
Privacy-breach and privacy-complaint guidance.

National Do Not Call List
Free registration to reduce telemarketing calls.

Provincial Consumer Protection Offices:

  • Ontario: Consumer Protection Ontario — 1-800-889-9768
  • British Columbia: Consumer Protection BC — 1-888-564-9963
  • Alberta: Service Alberta — 1-877-427-4088

Your local police
Report incidents involving stolen money, extortion, threats, or identity theft. A police file number helps with bank disputes and follow-up.

Tip: Report to more than one place when appropriate. Your bank, the national fraud system, and your local police each serve different functions.

Practical Cybersecurity Tips for Individuals and Families

You do not need enterprise tooling to materially reduce your risk. A few habits do most of the work.

Use a password manager.
Get Cyber Safe recommends password managers because they help you maintain strong, unique credentials without reusing passwords. Fusion uses Keeper for business environments, and it is also practical for families and individuals.

Enable MFA on important accounts.
Start with email, banking, and social media. The Canadian Centre for Cyber Security recommends MFA as a critical layer even if a password is compromised.

Keep software updated.
Patching known vulnerabilities is one of the simplest and most effective forms of prevention.

Be skeptical of unsolicited urgency.
If a message pushes you to act immediately, verify independently before doing anything.

Back up important files.
If ransomware or device failure hits, a current backup matters far more than regret. Use an external hard drive, or cloud storage like OneDrive, Google Drive, or iCloud.

Protect your mail and personal documents.
Canada Post warns that mail theft can feed identity fraud. Collect mail promptly and shred sensitive documents.

Protect your credit.
If you live in Quebec, ask Equifax and TransUnion about a credit freeze. If you live elsewhere in Canada, place fraud alerts on both bureau files, add a consumer statement with your phone number, and review your credit reports at least annually.

Talk to your family.
Cybersecurity is a household discipline. A family member who has never heard of these scams is often the easiest target.

For broader public guidance, Get Cyber Safe remains one of the best official Canadian resources for non-technical users.

Are You a Business Owner Dealing With a Cybersecurity Incident?

If you are responsible for IT at a Canadian business and you are dealing with compromised accounts, ransomware, suspicious activity, or a broader security incident, this page is not the right endpoint.

Fusion Computing provides managed cybersecurity and IT services for Canadian businesses with 10 or more employees. Our team is led by a CISSP-certified security strategist and aligned to the CIS Controls v8.1 framework. We operate across Toronto, the GTA, Metro Vancouver, and remotely across Canada.

If your business is experiencing an active incident, call us at (416) 508-7802. We triage critical issues within 1 hour.

If you are evaluating your company’s security posture, book a free 30-minute Technology Health Check with a senior Fusion team member. No pressure, no obligation.

Learn more about Fusion’s Cybersecurity Services | Learn more about Fusion’s Managed IT Services

This resource was written and reviewed by Mike Pearlstein, CISSP, CEO of Fusion Computing Limited. Fusion has provided managed IT and cybersecurity services to Canadian businesses since 2012. While this page is designed for individuals and families, it reflects the same risk-reduction principles we apply every day in business environments.

Last reviewed: March 2026

About Fusion Computing

Fusion Computing has provided managed IT, cybersecurity, and AI consulting to Canadian businesses since 2012. Led by a CISSP-certified team, Fusion supports organizations with 10 to 150 employees from Toronto, Hamilton, and Metro Vancouver.

93% of issues resolved on the first call. Named one of Canada’s 50 Best Managed IT Companies two years running.

Call Us

Explore Services

Free Assessments

Coverage Areas

Contact

100 King Street West, Suite 5700
Toronto, ON M5X 1C7
(416) 566-2845
1 888 541 1611

Looking For A Simple All-In Monthly Plan For All Your IT Needs?

Reach out to Fusion Computing today to explore how our Technology Success Partner services can benefit your business.

What do you need help with?