When a Friend's Favour Turned Into an IT Emergency
Table of Contents
The Discord Ping
This story starts with a Discord ping from a university friend who studied Games Design. We hadn't spoken in about a year and a half, so seeing his message felt like finding a fiver in an old coat pocket. nice, but suspiciously convenient. Little did I know, that message would kick off an all-night IT adventure, complete with hacker drama and a surprise catch-up session.
My friend asked me to install a demo he'd supposedly made. Now, I'm all for supporting a mate's creative endeavors, but something about it didn't sit right. Installing random files? I don't think so.
The Verification Test
To test him, I pulled out the ultimate weapon: nostalgia. I fired off a quick "two truths and a lie" about our first-year uni flatmate shenanigans. If this was my real friend, he'd ace it, no problem. The response came back… and it was all truths. Ding ding ding! We have a fraudster. Hacker: 0, Me: 1.
Switching Platforms
At this point, I knew something was up. I switched platforms, messaged a couple of mutual friends, and confirmed that his account had been compromised. Time to go full IT superhero. Cue dramatic typing montage.
We jumped on a call, and my friend, a genius when it comes to designing worlds but not so much at securing them. He looked to me for help. I walked him through the steps:
Recovery Steps
- Reset your account password. Simple, but effective. Bye-bye, hacker!
- Kick off logged-in devices. Nobody likes uninvited guests.
- Trace the breach. Turns out, it was a basic phishing email. Not exactly Hollywood-level hacking. Imagine a villain saying "We're in," only to realize they're in a Gmail inbox.
Thankfully, the damage was minimal. No major theft, no compromised accounts. Just a mildly bruised ego on his end. We spent the rest of the night making sure all his accounts were locked down.
The Aftermath
Somewhere in the chaos, we started catching up. It's funny how easily you can lose touch after university. By 3 AM, we'd gone from hacker-busting to reminiscing about the good old days.
So yeah, I didn't wake up that morning expecting to moonlight as IT support, but I'm glad I did. The accounts were saved, the hacker was thwarted, and we're now ensuring we don't loose touch and keep talking. Just not at 3 AM again. And definitely not by losing touch.
Key Takeaways
If you're dealing with a compromised account, here's what matters most:
Reset your password immediately — this is the single most effective step. Choose a strong, unique password you haven't used elsewhere.
Log out all active sessions — most platforms have a "log out all devices" option in security settings. This kicks out the attacker.
Check for phishing emails — the vast majority of account compromises start with a phishing email. Look for suspicious links, urgent language, and addresses that don't match the official domain.
Enable two-factor authentication — if your platform supports it, turn on 2FA. This adds a second layer of security even if your password is stolen.
Run a security scan — if you installed anything suspicious, run a full antivirus scan. Some malware can keylog your passwords.
For more on tools and resources I use for cybersecurity, check out my Uses page. If you're interested in seeing other technical projects I've built, visit the Projects page.