Skip to main content
Transport and Communications Agency

Advice to help you protect your accounts

Attempts to break into and hijack accounts used in online services are often made using different methods. This article contains brief instructions on how to protect yourself in advance and what to do after a breach.

Often, attempts to break into the accounts of different services, such as social media, games and e-mail, are made actively using different methods. This article has a short list of the most effective protection methods and instructions on what to do after a breach, as well as links to the instructions of the most common services in case of these situations. With regard to services offered by an organisation (such as the workplace), you should contact maintenance or technical support both when checking the security settings and in case of a data breach.

Proactive protection

  1. Use a unique password for each service.
  2. Make sure that there is more than one type of contact information linked to the account (e-mail, telephone number or similar).
  3. Check that the contact information linked to the account is active and under your own control – the e-mail account exists and you can access it, the telephone number has been entered correctly and it is still in use.
  4. Use two- or multiple-factor authentication (2FA, MFA); see links to the most common services below.
  5. Make sure that you have other options available in addition to the primary MFA option. You should think about what to do if an application on a smart device cannot be used because the device is broken, for instance (in that case, e.g. an SMS-based additional confirmation can be used as the second option).
  6. Make sure that the e-mail addresses linked to the services’ accounts have also been protected based on the things you have now learned.
  7. Keep delegated rights, if any, and their consequences in mind – if the account has rights to other accounts or services, or if other accounts can use the account, they should be protected in the same way to avoid vulnerabilities.

After a breach

  1. Try to take control of the account back by using the automated tools of the service in question. Beware forged phishing messages! Many services have automatic warning functions in use for password changes and new logins.
  2. Contact the service’s administration to start the account restoration process, if the automated tools do not work. Links to the most common services can be found below.
  3. File a report of an offence in the case. You can file the report of an offence in the case either online or at your local police station. Demand that the perpetrator be made responsible for their offence. If the process feels difficult, ask for help from Victim Support Finland (RIKU).
  4. Report the matter to the National Cyber Security Centre Finland. You can either use the notification form (below) or send a free-form e-mail to the address cert@traficom.fi.

Useful links

If you think that a popular service is missing from the list below, please tell us about it on Twitter! Our handle is @certfi.

Police of Finland

File a police report  Ulkoinen verkkopalvelu.
Cybercrime Ulkoinen verkkopalvelu.

Victim Support Finland

Contact request  Ulkoinen verkkopalvelu.

National Cyber Security Centre

Report to us (Notification of intormation security breach)
Take control of your passwords – Who is using your account?
Guide to protecting yourself against data breaches

Facebook

Report Compromised Account  Ulkoinen verkkopalvelu.
What is two-factor authentication and how does it work? Ulkoinen verkkopalvelu.

Twitter

Help with my hacked account  Ulkoinen verkkopalvelu.
How to use login verification  Ulkoinen verkkopalvelu.

Instagram

I think my Instagram account has been hacked Ulkoinen verkkopalvelu.
What's two-factor authentication? How do I use it?  Ulkoinen verkkopalvelu.

LinkedIn

Reporting a Hacked Account  Ulkoinen verkkopalvelu.
Two-Step Verification - Overview  Ulkoinen verkkopalvelu.

Apple ID

If you think your Apple ID has been compromised  Ulkoinen verkkopalvelu.
Two-factor authentication for Apple ID  Ulkoinen verkkopalvelu.

Gmail, Google accounts

Secure a hacked or compromised account  Ulkoinen verkkopalvelu.
Turn on 2-Step Verification  Ulkoinen verkkopalvelu.

Hotmail, Outlook, Live

My Outlook.com account has been hacked  Ulkoinen verkkopalvelu.
How to use two-step verification with your Microsoft account  Ulkoinen verkkopalvelu.

Twitch

Account hacked, what do I do?  Ulkoinen verkkopalvelu.
Setting up Two-Factor Authentication (2FA)  Ulkoinen verkkopalvelu.

PayPal

Report identity theft Ulkoinen verkkopalvelu.
How do I turn on or off 2-step verification for PayPal account login? Ulkoinen verkkopalvelu.

Pinterest

Reset password  Ulkoinen verkkopalvelu.
Contact support regarding account access issues Ulkoinen verkkopalvelu.
Two-factor authentication  Ulkoinen verkkopalvelu.

WhatsApp

Stolen accounts  Ulkoinen verkkopalvelu.
About two-step verification  Ulkoinen verkkopalvelu.

Yahoo

Secure your Yahoo account  Ulkoinen verkkopalvelu.
Add two-step verification for extra security Ulkoinen verkkopalvelu.

Page was last updated