What to do if your account is compromised

If you think someone got into your account, do not panic. Move fast and follow this list. We are here to help.

Step 1. Change your password

Sign in to ShoutXChange. Go to Settings. Click Change password. Pick something new and long. Use a password manager if you have one. It is the easiest way to make a strong password.

If you cannot sign in because the hacker changed the password, click "I forgot my password". We send a reset link to the email on file. If they also took your email, see step 4.

Step 2. Turn on two-factor

If you had not turned it on, do it now. Settings, Security, Turn on. This stops the hacker from getting back in even with the password.

Step 3. Check your activity

Go to Settings, Security, and look at the Sign-in history. We show every recent sign-in with a time and a rough location. If you see one that was not you, that is your hacker.

Click Sign out everywhere. This boots all sessions, including theirs. They will have to know your new password to sign back in. With two-factor on, even that is not enough.

Step 4. Check your email

Go to your email and check for password reset emails you did not start. If your email is also hacked, change your email password too. And turn on two-factor on the email. Email is often the door the hacker came through.

Step 5. Check your OnlyFans

Sign in to OnlyFans. Look at recent direct messages and recent posts. If you see anything you did not send, delete it.

Go to OnlyFans account settings, find connected apps, and remove ShoutXChange for now. Then reconnect it from the ShoutXChange dashboard once you are sure your accounts are clean.

Step 6. Tell us

Use the contact form. Pick "Account safety" as the topic. Tell us when you noticed and what you saw. We can check our logs from our side, freeze any open trades, and pause any pending invoices while we sort it out.

We will not charge any new fees on your account while a safety issue is open.

Step 7. Update other sites

If the hacker may have got your password from a leaked list, change the same password on any other site you used it on. Use a different password each place. A password manager makes this painless.

How to make this less likely next time

• Long passwords. Twelve characters or more, mixed.
• Different passwords on every site.
• Two-factor on ShoutXChange, on your email, and on OnlyFans.
• Save your recovery codes somewhere safe.
• Do not click sign-in links in random emails. Always go to the real site directly.