Regardless of how you discover that something wrong is going on, once you know your account has been hacked, please follow the following steps:
Update your devices
All operating systems and applications on the devices you use should be updated. The updates will install the latest security patches. If your operating system or application is already up-to-date, run a scan with your antivirus software.
Please contact the service provider
If you are unable to access your account, please be advised to visit the website of the service provider you are using, and contact the help or support department, who will give you thorough instructions for the account recovery process.
If you are unable to find what you need, type in Google, or another search engine you are using, a phrase such as “Facebook account hacked” and follow the advice published by your service provider.
If your email account has been hacked...
Upon regaining control of it, check your email filters and forwarding rules. It is often the case where an account hacker sets up an email forwarding rule that sends them a copy of all received emails. Information on how to do this can be found on the websites of individual service providers (e.g. for GMAIL at: https://support.google.com/mail/answer/10957?hl=pl).
Upon confirmation of the absence of unwanted email redirect rules, change the passwords on all accounts that have the same password as the hacked account. Subsequently, change the passwords of all other accounts that send reminders/password reset to the hacked account. If you want to learn how to create secure passwords, please read the Poland’s CERT guide: https://cert.pl/posts/2022/01/kompleksowo-o-haslach/
Set up two-step verification (2FA)
This provides an additional layer of protection against hacking into your account in the future (a guide on how to do this for GMAIL can be found at: https://support.google.com/accounts/answer/185839?hl=pl&co=GENIE.Platform%3DDesktop)
Notify your contacts
Get in touch with the contacts, friends, or followers in your account. Let them know you have been hacked. This will help them avoid being hacked or cheated (it could look like this: https://blik.com/oszustwo-internetowe-na-znajomego-z-facebooka-wciaz-popularne-wsrod-zlodziei-nie-podawaj-kodu-blik). You should contact people you know, whether you have successfully restored your account or not.
If you are unable to recover your account...
You can choose to create a new one. After doing this, it is important to let your contacts know you are using a new account. Please be reminded to update your details in your bank, online stores, instant messaging or any other website you use.