As a computer or internet user, do you always know when you’ve been hacked? A few years ago, malicious hackers might have cried for attention because they wanted to score political points or simply enjoyed causing mischief. These days, digital criminals prefer to work in stealth mode to reduce the chance of getting caught and stopped. In many cases, other internet users might realize that you’ve got a problem before you do. Make certain that you can spot more subtle signs that you’ve been hacked, so you can respond quickly and appropriately.

5 Common but Subtle Signs You’ve Been Hacked

No matter what kind of security software you have installed, you have to remain alert and skeptical when you use your computer or other connected device. These examples of computer hacking may seem obvious with hindsight, but they’ve fooled a lot of  intelligent people:

1. Counterfeit Computer Virus Alerts

Your own security software might send you alerts after it has detected a virus. Typically, legitimate products will display a small popup box over your taskbar that displays warnings. In contrast, you should view the large, brightly colored popups or redirect pages that hackers use to frighten you into acting impulsively as red flags that somebody is trying to trick you.

Fake virus messages might warn you that your computer has already been infected with hundreds’ of viruses and then offer you a link to a page that will offer to fix the problem for a fee. In other cases, the popup might ask you to call a toll-free number to get help. Whatever you do, don’t panic and pay that fee or call the phone number. If you do, the hacker not only has managed to inject code into your phone or computer, they’ve also snatched personal information.

Here’s what you should do instead:

• Sometimes, you can remediate the problem by simply closing your browser window or rebooting your device.
• You might also check your browser extensions or add-ons to see if you find any unfamiliar names on the list. If so, you can delete them.
• If you haven’t solved your problem yet, try rebooting your computer in safe mode and uninstalling any software you don’t recognize.
• After you’ve cleared these fake virus warnings, run a full scan with your own virus software just to make sure that the injected code hasn’t left any remnants behind.
• If you need more help, your computer or security manufacturer may have a toll-free number that you can call. Otherwise, you may need to take a trip to a reputable computer-repair service.

2. New Toolbars, Frequent Popups, or Internet Site Redirects

Hackers also might inject code into your browser that installs new toolbars you did not request or displays frequent popups at random intervals. In many cases, people actually do unintentionally agree to annoying toolbars and popups because they did not carefully read the fine print that comes with other software that they download on purpose. While you may not have wanted to install these pesky “features,” the providers may not have technically broken the law.

You should review the installed toolbars and browser extensions in order to delete any that you don’t recognize. If that doesn’t work, try deleting and installing a fresh version of your browser. If you’re not certain if your actions fixed your issue, you should certainly run your antivirus software afterwards to confirm that you’ve cleaned up the mess.

3. Your Password Doesn’t Work

You might think you’re visiting a familiar website and are certain of the password, but the site doesn’t allow you to gain access. First, confirm that you’re really on the site that you intended to visit. In rare cases, the website may simply have problems and not allow logins at the moment.

Very often, scammers will send you links in emails and messages that look legitimate but actually lead to fake sites. You should never click those links but instead, type the correct link into your internet browser. Just because these “phishing” attacks are so common and effective, your bank, cell phone provider, and certainly, your local tax authorities will not ask you to click an email link to verify your information.

You’ve already entered your password, so you should immediately change it on the legitimate version of whatever website you intended to visit. In the future, you might decide to opt into two-factor authentication for websites that contain your personal information. Two-factor authentication usually consists of having to enter a password and then getting a text with a pin code to enter as a second step. Even though this takes longer, it will save you time over having to deal with problems that digital thieves can cause.

4. You Receive Unexpected Bills or Notices of Credit

If you get notices for credit you never applied for or bills for goods you never ordered, don’t assume that the business made a simple mistake. In fact, even if you do patronize these companies, it’s likely that your regular account won’t display the orders, and some clever thief has managed to set up another account with your billing information.

This can turn into a serious problem that could impact your finances and even your credit, so you will probably have to spend some time resolving it. Very often, you won’t even get these notices until a payment is already past due, so the thieves have had time to run up plenty of bills in your name.

Don’t wait to start taking these action steps:

• Call the company that sent the notice to explain the problem. You may get transferred to a fraud department. The fraud department representative should take your statement and offer you instructions.
• Change passwords for all of your online accounts because you can’t know exactly how the thief got your information.
• File an alert with credit bureaus. If you live in the U.S., you can follow these instructions from the FTC.
• You may also choose to file a police report locally.
• Consider enrolling in a credit monitoring service.

5. Your Friends Get Messages You Didn’t Send

Having friends or online connections tell you that they received a social notification or email from you that you did not send might tell you that a hacker has managed to steal your credentials. If so, you should promptly change your password and if possible, enable more secure security options on that account, like two-factor authentication or pin codes.

These days, many would-be hackers don’t bother to steal your credentials and login to your real account. Instead, they spoof your photo and other details in order to create a duplicate account that simply looks a lot like yours. You can still take a couple of steps to stop them before they cause any more mischief:

• You might try complaining to your email provider or the social network.
• Let your contacts know about the problem, so they don’t fall for any of this pretender’s schemes.

How to Reduce the Risk of Getting Hacked

Security experts say that the only foolproof way to escape the attention of digital criminals is to lock up your devices and stay off of the internet. Good security software helps, but the developers of these products know that they’re in an arms race against their foes. To minimize your own risks, you need to remain cautious and alert to potential warning signs. If a digital thief manages to get past your defenses and you think you’ve been hacked, you should also learn which steps to take to minimize the damage.