After I was hacked, people charged thousands of dollars to my credit cards — I took 5 steps to keep it from happening again

The author, Chris Boutté. Chris Boutté

Insider's experts choose the best products and services to help make smart decisions with your money (here’s how). In some cases, we receive a commission from our partners, however, our opinions are our own. Terms apply to offers listed on this page.

• A message from a hacked friend on Facebook meant my information was out in the open for anyone.
• I acted fast and contacted my bank when I saw a series of transactions I hadn't made.
• I protect my accounts and my money with two-factor authentication and a password manager.

I don't know about you, but I hardly ever use Facebook anymore. But one day, last summer, I decided to check my Facebook account and had a message from an old friend asking, "Is this you?" along with a link. I get messages like this regularly from old friends as I'm an online personality and sometimes make media appearances.

Unfortunately, their account was hacked, and this link ended up providing the hackers with my information, which included the password I use for just about everything. And this is where my nightmare began.

See Insider's picks for the best banks »

I fell for a Facebook hack

I've been a computer-savvy guy for most of my life, so I should have known better, but I mindlessly clicked the link, and the consequences took a few weeks to materialize. Once my information was stolen, it was put out there on the dark web where a lot of people had access to my information.

One day, I was checking my bank account, which is something I never used to do when I was irresponsible with my money. I started seeing charges to my account for Facebook ads. Someone had charged almost $200 in Facebook ads to my PayPal account. They were able to do this because years ago, I linked my PayPal to Facebook ads years ago for some business.

That's when I started checking all of my other accounts, and they also used my email and login to try and buy things from Walmart, including an outdoor barbecue for almost $300 and a $1,300 MacBook Pro from Best Buy.

What I did to protect my money

I'm prone to anxiety, so this wasn't good, but I got my bearings and sprung into action. I took five steps that protected my money then and will continue to protect it in the future.

1. I contacted my bank

The first thing I did was contact my bank and the merchants as soon as possible. Not to spoil the story, but I ended up getting 100% of my money refunded, and it's because I acted so quickly. These hackers have a lot of shady tactics, and had I not caught this before the payments were processed and the items had shipped, I may have been out of luck.

2. I activated two-factor authentication

The next thing I did was setup two-factor authentication on every account I could think of. This way, if anyone ever tried to login to one of my accounts, they'd also need access to my email or cellphone. Previously, I never setup two-factor authentication due to the hassle, but I wish I had done it sooner.

3. I started using the password manager LastPass

I also changed all of my passwords and started using LastPass. LastPass is an awesome service that lets you store your passwords, and you can even access it on your phone. This way, you can create extremely secure passwords and not have to worry about forgetting them. You can also link it to the Google Authenticator app, which provides you with a unique, six-digit number that changes every minute or so.

4. I set up notifications from PayPal and my bank

I set up notifications for all of my accounts, including PayPal. With most banks and credit card companies, you can set it up so you get a text alert if anything is purchased. You can also set it up so it only alerts you if something is purchased over a certain amount, so you don't get too many texts.

5. I sent the details to law enforcement

Every now and then, I would get a little information about the people using my account, like their IP address or the address they were trying to ship to. After a little Googling, I found out the FBI has an Internet Crime Complaint Center where you can report these crimes, so I filed with them. I'm honestly not sure if they did anything about it, but I wanted to do my part to hopefully prevent these people from doing it to others.

My PayPal account was still linked to one place

I wish I could tell you I was completely out of the woods and put this whole thing behind me, but that's not what happened.

As mentioned, these hackers spread your information around. During the following weeks and months, and even to this very day, I regularly get emails and text messages requesting two-factor authentication codes due to people trying to login. What I've learned is they try your email and password for the most popular websites where you can order things and link your account information. This includes Amazon as well as accounts for video game consoles.

It was nice seeing the hackers attempt to login to my accounts but get shut down by my two-factor authentication, but I overlooked something. I never play my PlayStation, so I completely forgot to change that password, and my PayPal was linked to it.

Right around Christmas time, it all happened again. Some hackers logged into my Playstation account and started buying a bunch of video games. Since I get notifications, I was able to catch this immediately and get refunded by Playstation and change my passwords.

Today, I still get notifications that people are trying to login, but I'm pretty sure I've changed the information for all of my accounts linked to any payment information. I'm keeping a close eye on my accounts and my finances.