Complete OPSEC & Emotional Wellness Checklist
For Those Who May Be Compromised (Or Just Need Peace of Mind)
By Liz Howard, Professor & Red Team Specialist, The Multiverse School
๐ง CRITICAL: Read This First
You cannot do good cybersecurity from panic brain. When you're scared, your prefrontal cortex shuts down. You'll skip steps without realizing it. Even seasoned professionals miss things when panicked. This is why we use checklists.
The #1 Rule: Slow is smooth, smooth is fast.
๐ Phase 0: Emergency Grounding (Do This NOW)
If you're reading this in a panic:
- Stop what you're doing with your devices
- Go somewhere physically safe (not your usual spots)
- Take 5 deep breaths: 4 seconds in, 7 hold, 8 out
- Call ONE trusted person and say:
"I need emotional support while I work through a potential security issue. Can you just be on the phone with me for a bit?"
Quick Panic Management Chart
If you feelโฆ |
Do this firstโฆ |
Heart racing, can't think |
Box breathing: 4-4-4-4 (in-hold-out-hold) |
Paranoid, seeing threats everywhere |
Name 5 blue things you can see |
Frozen, can't move |
Wiggle your toes, then fingers, then shoulders |
Racing thoughts |
Write down 3 things on paper |
Crying/overwhelmed |
Let it out, then splash cold water on face |
โ ๏ธ Quick Check: Do you need the Domestic Violence Cybersecurity Guide instead of this one? It has special steps.
๐ Phase 1: Reality Check & Assessment
Before assuming compromise, check these innocent explanations:
- [ ] Password confusion: Have you changed passwords recently while stressed? Try variations
- [ ] Updates: Did your device recently update? UI changes can feel like hacking
- [ ] Storage: Is your device low on storage? This causes weird behavior
- [ ] Age: Is your device 3+ years old? Performance degrades
- [ ] New apps: Did you recently install something that might have permissions?
Document everything (on paper):
- [ ] When did weird behavior start?
- [ ] What specific things happened? (Be precise)
- [ ] Who might want to target you? (Be realistic)
- [ ] What's your most sensitive data?
๐ก๏ธ Phase 2: Immediate Protective Actions
Do these from a calm state. Take breaks between steps.
A. Network Isolation (Stop the Spread)
- [ ] Turn OFF Wi-Fi on ALL devices
- [ ] Turn OFF Bluetooth on ALL devices
- [ ] Unplug your router for now
- [ ] Use cellular data only (or public Wi-Fi you've never used)
- [ ] Unpair all Bluetooth devices from each other
B. Account Triage (Protect the Important Stuff)
Call from a friend's phone or landline:
- Bank (for each account):
- [ ] Set up verbal password
- [ ] Ask: "Have there been any access attempts?"
-
[ ] Say: "No changes without verbal password"
-
Phone Carrier:
- [ ] Ask: "Any SIM changes in last 30 days?"
- [ ] Set up account PIN/verbal password
-
[ ] Confirm your phone number hasn't been ported
-
Email Provider (from public computer):
- [ ] Check recent sign-ins
- [ ] Look for forwarding rules
- [ ] Check authorized apps
- [ ] Enable 2FA with NEW phone number if needed
๐ง Phase 3: Systematic Cleanup
A. Establish Clean Communication
From a library/public computer:
- [ ] Create new email at ProtonMail
- Use a completely new password pattern
- Don't access from your devices yet
-
Write password on paper
-
[ ] Set up Signal on ONE clean device
- Use new phone number if very concerned
- This is your secure communication line
B. Device-by-Device Reset
One device at a time, while OFF network:
For Phones:
- [ ] Back up photos/videos to NEW cloud account
- [ ] Screenshot any important texts/info
- [ ] Note all your apps (you'll reinstall manually)
- [ ] Factory reset
- [ ] Set up as NEW device (not from backup)
- [ ] Install apps one by one from official store
- [ ] Keep Bluetooth/Wi-Fi off until you're sure it's clean
For Computers:
- [ ] Back up critical files to NEW cloud or external drive
- [ ] Run a virus scanner on the external drive after backing up critical files
- [ ] Note all software you need
- [ ] Full OS reinstall (not just reset)
- [ ] Update OS before connecting to network
- [ ] Install software fresh from official sources
- [ ] Run a virus scanner on the external drive from the clean OS
- [ ] Run updates before reconnecting to your network
For Routers:
- [ ] Factory reset (hold reset button 30+ seconds)
- [ ] Change admin password immediately
- [ ] Update firmware
- [ ] Use WPA3 if available, strong password
- [ ] Disable WPS
- [ ] Change network name (don't use your name)
๐ Phase 4: Rebuilding Security
A. Password Strategy
The Paper Method (Yes, really):
- [ ] Get a notebook that stays with you
-
[ ] Create 4 password categories:
- Critical: Email, bank, phone (unique each)
- Important: Work, social media (unique each)
- Medium: Shopping, subscriptions (can share 1-2)
- Low: Forums, newsletters (one shared is OK)
-
[ ] Use "correct horse battery staple" method
- [ ] Write clearly, note capitals
- [ ] After 30 days, transition to password manager
B. 2FA Hardening
C. Ongoing Hygiene
- [ ] Monthly: Check account access logs
- [ ] Quarterly: Review app permissions
- [ ] Set calendar reminders for these checks
- [ ] Keep devices, apps, operating systems updated (including your router, your smart devices, like a wifi-enabled toothbrush or fridge) even if you don't use their smart features
- [ ] Keep your smartcar updated if it has a computer
- [ ] Don't click links in emails or texts (go direct to sites, even if it seems like it's a company)
๐ง Phase 5: Mental Health Maintenance
The Compromise Perception Gap
It's real: After one compromise, EVERYTHING feels like hacking. Your printer jams? Hacking. App crashes? Hacking. This hypervigilance is exhausting and counterproductive.
Healthy Practices:
-
Reality Testing:
- Keep a log of "suspicious" events
- Review weekly with calm mind
- Look for patterns vs. coincidences
-
Support Network:
- Tell 2-3 people what you're going through
- Check in with them regularly
- Let them reality-test your concerns
-
Scheduled Worry Time:
- Set 15 min daily to review security
- Outside that time, write worries down for later
- This prevents 24/7 anxiety
-
Professional Help:
- If anxiety persists 2+ weeks
- If you're isolating from everyone
- If you can't sleep/eat normally (5+ hours a night, eat 2x a day)
๐จ When to Escalate
You might have a real problem if:
- [ ] Bank confirms unauthorized access
- [ ] Phone company confirms SIM swap
- [ ] You find devices you didn't install
- [ ] Multiple people report getting strange messages "from you"
- [ ] Your employer notices unusual activity
Resources:
๐ช Remember:
- You're not crazy for being concerned
- You're not stupid if you were compromised
- You're taking the right steps by reading this
- Perfect security doesn't exist - we aim for "good enough"
- Most "hackers" are far less capable than they want you to believe
- State-level actors only target high-value individuals (think MLK-level)
- Your peace of mind matters as much as your security
Final Thoughts
Security is a practice, not a destination. Even professionals get compromised sometimes. What matters is how you respond. By following this checklist, you're already ahead of 99% of people.
Stay safe. Stay human. You've got this.
Contact: liz@themultiverse.school | https://themultiverse.school
Private support calls: https://jitsi.themultiverse.school
Version 1.0 - Last Updated: May 2025