Discovering or suspecting that your crypto account has been compromised is one of the most frightening things that can happen to a digital asset holder. The clock starts immediately. Unlike a fraudulent bank transaction which can be reversed for days or weeks, crypto transfers are permanent and execute in seconds. Here is what to do โ in order โ in the first 60 minutes.
Immediate Steps: The First 10 Minutes
Step 1: Do not panic. Panic leads to mistakes that compound the damage. Take a breath and work through this list deliberately.
Step 2: Disconnect from the internet. If you believe your device itself is compromised โ you clicked a suspicious link, installed something unusual โ disconnect it from the internet immediately. This can stop an ongoing credential theft or active session.
Step 3: Log into your exchange from a different device. Use your phone instead of your computer, or borrow a trusted family member's device. Log in and immediately enable a withdrawal freeze or change your withdrawal whitelist settings if your exchange offers those features.
Step 4: Change your password from the clean device. Use a strong, unique password you have never used anywhere else. Enable two-factor authentication using an authenticator app โ not SMS โ if you have not already.
Minutes 10โ30: Assess and Contain
Check your account's transaction history and login history. Most exchanges show recent login attempts with IP addresses and timestamps. Look for any transactions or login attempts you do not recognize. Screenshot everything for your records โ this documentation matters for any report you make later.
Change the email address associated with your exchange account if possible, or at minimum change the password on that email account immediately since email compromise is often how exchange accounts are taken over.
Minutes 30โ60: Report and Rebuild
Contact your exchange's fraud or security team using contact information found directly on their official website โ not a number provided in any email or message you received. File a police report with the Lee County Sheriff or Collier County Sheriff, as this documentation is required for any insurance claims and is valuable for federal referrals. Report the incident to the FTC at reportfraud.ftc.gov.
Once the immediate crisis is managed call us at 239-990-1615. We provide incident response support to clients and can help you understand what happened and rebuild your security posture to prevent a recurrence.
Do Not Wait for an Incident to Prepare
Book a free 15-minute call and let us help you build a security setup that is breach-resistant before anything goes wrong.
๐ Book Your Free Call