Complete OPSEC & Emotional Wellness Checklist

For Those Who May Be Compromised (Or Just Need Peace of Mind) By Liz Howard, Professor & Red Team Specialist, The Multiverse School

🧠 CRITICAL: Read This First

You cannot do good cybersecurity from panic brain. When you're scared, your prefrontal cortex shuts down. You'll skip steps without realizing it. Even seasoned professionals miss things when panicked. This is why we use checklists.

The #1 Rule: Slow is smooth, smooth is fast.

📍 Phase 0: Emergency Grounding (Do This NOW)

If you're reading this in a panic:

Stop what you're doing with your devices
Go somewhere physically safe (not your usual spots)
Take 5 deep breaths: 4 seconds in, 7 hold, 8 out
Call ONE trusted person and say:

"I need emotional support while I work through a potential security issue. Can you just be on the phone with me for a bit?"

Quick Panic Management Chart

If you feel…	Do this first…
Heart racing, can't think	Box breathing: 4-4-4-4 (in-hold-out-hold)
Paranoid, seeing threats everywhere	Name 5 blue things you can see
Frozen, can't move	Wiggle your toes, then fingers, then shoulders
Racing thoughts	Write down 3 things on paper
Crying/overwhelmed	Let it out, then splash cold water on face

⚠️ Quick Check: Do you need the Domestic Violence Cybersecurity Guide instead of this one? It has special steps.

🔍 Phase 1: Reality Check & Assessment

Before assuming compromise, check these innocent explanations:

[ ] Password confusion: Have you changed passwords recently while stressed? Try variations
[ ] Updates: Did your device recently update? UI changes can feel like hacking
[ ] Storage: Is your device low on storage? This causes weird behavior
[ ] Age: Is your device 3+ years old? Performance degrades
[ ] New apps: Did you recently install something that might have permissions?

Document everything (on paper):

[ ] When did weird behavior start?
[ ] What specific things happened? (Be precise)
[ ] Who might want to target you? (Be realistic)
[ ] What's your most sensitive data?

🛡️ Phase 2: Immediate Protective Actions

Do these from a calm state. Take breaks between steps.

A. Network Isolation (Stop the Spread)

[ ] Turn OFF Wi-Fi on ALL devices
[ ] Turn OFF Bluetooth on ALL devices
[ ] Unplug your router for now
[ ] Use cellular data only (or public Wi-Fi you've never used)
[ ] Unpair all Bluetooth devices from each other

B. Account Triage (Protect the Important Stuff)

Call from a friend's phone or landline:

Bank (for each account):
[ ] Set up verbal password
[ ] Ask: "Have there been any access attempts?"
[ ] Say: "No changes without verbal password"
Phone Carrier:
[ ] Ask: "Any SIM changes in last 30 days?"
[ ] Set up account PIN/verbal password
[ ] Confirm your phone number hasn't been ported
Email Provider (from public computer):
[ ] Check recent sign-ins
[ ] Look for forwarding rules
[ ] Check authorized apps
[ ] Enable 2FA with NEW phone number if needed

🔧 Phase 3: Systematic Cleanup

A. Establish Clean Communication

From a library/public computer:

[ ] Create new email at ProtonMail
Use a completely new password pattern
Don't access from your devices yet
Write password on paper
[ ] Set up Signal on ONE clean device
Use new phone number if very concerned
This is your secure communication line

B. Device-by-Device Reset

One device at a time, while OFF network:

For Phones:

[ ] Back up photos/videos to NEW cloud account
[ ] Screenshot any important texts/info
[ ] Note all your apps (you'll reinstall manually)
[ ] Factory reset
[ ] Set up as NEW device (not from backup)
[ ] Install apps one by one from official store
[ ] Keep Bluetooth/Wi-Fi off until you're sure it's clean

For Computers:

[ ] Back up critical files to NEW cloud or external drive
[ ] Run a virus scanner on the external drive after backing up critical files
[ ] Note all software you need
[ ] Full OS reinstall (not just reset)
[ ] Update OS before connecting to network
[ ] Install software fresh from official sources
[ ] Run a virus scanner on the external drive from the clean OS
[ ] Run updates before reconnecting to your network

For Routers:

[ ] Factory reset (hold reset button 30+ seconds)
[ ] Change admin password immediately
[ ] Update firmware
[ ] Use WPA3 if available, strong password
[ ] Disable WPS
[ ] Change network name (don't use your name)

🔐 Phase 4: Rebuilding Security

A. Password Strategy

The Paper Method (Yes, really):

[ ] Get a notebook that stays with you
[ ] Create 4 password categories:
- Critical: Email, bank, phone (unique each)
- Important: Work, social media (unique each)
- Medium: Shopping, subscriptions (can share 1-2)
- Low: Forums, newsletters (one shared is OK)
[ ] Use "correct horse battery staple" method
[ ] Write clearly, note capitals
[ ] After 30 days, transition to password manager

B. 2FA Hardening

[ ] Use authenticator apps, not SMS when possible
[ ] Back up 2FA codes on paper
[ ] Keep backup codes in safe place
[ ] Consider a FIDO-2 hardware key for critical accounts

C. Ongoing Hygiene

[ ] Monthly: Check account access logs
[ ] Quarterly: Review app permissions
[ ] Set calendar reminders for these checks
[ ] Keep devices, apps, operating systems updated (including your router, your smart devices, like a wifi-enabled toothbrush or fridge) even if you don't use their smart features
[ ] Keep your smartcar updated if it has a computer
[ ] Don't click links in emails or texts (go direct to sites, even if it seems like it's a company)

🧘 Phase 5: Mental Health Maintenance

The Compromise Perception Gap

It's real: After one compromise, EVERYTHING feels like hacking. Your printer jams? Hacking. App crashes? Hacking. This hypervigilance is exhausting and counterproductive.

Healthy Practices:

Reality Testing:
- Keep a log of "suspicious" events
- Review weekly with calm mind
- Look for patterns vs. coincidences
Support Network:
- Tell 2-3 people what you're going through
- Check in with them regularly
- Let them reality-test your concerns
Scheduled Worry Time:
- Set 15 min daily to review security
- Outside that time, write worries down for later
- This prevents 24/7 anxiety
Professional Help:
- If anxiety persists 2+ weeks
- If you're isolating from everyone
- If you can't sleep/eat normally (5+ hours a night, eat 2x a day)

🚨 When to Escalate

You might have a real problem if:

[ ] Bank confirms unauthorized access
[ ] Phone company confirms SIM swap
[ ] You find devices you didn't install
[ ] Multiple people report getting strange messages "from you"
[ ] Your employer notices unusual activity

Resources:

For immediate danger: 911 / local emergency
For cyberstalking: CCRI Helpline - 844-878-2274
For identity theft: IdentityTheft.gov
For emotional support: RAINN Hotline - 800-656-4673

💪 Remember:

You're not crazy for being concerned
You're not stupid if you were compromised
You're taking the right steps by reading this
Perfect security doesn't exist - we aim for "good enough"
Most "hackers" are far less capable than they want you to believe
State-level actors only target high-value individuals (think MLK-level)
Your peace of mind matters as much as your security

Final Thoughts

Security is a practice, not a destination. Even professionals get compromised sometimes. What matters is how you respond. By following this checklist, you're already ahead of 99% of people.

Stay safe. Stay human. You've got this.

Contact: liz@themultiverse.school | https://themultiverse.school Private support calls: https://jitsi.themultiverse.school

Version 1.0 - Last Updated: May 2025