I was looking forward to clocking out after a long day of work this past summer when my phone blew up with confirmation emails for purchases that I never made. It was a quick, sure-fire way to ruin my night.

After the swearing match between my phone screen and I came to an end, I calmed down and rationalized. I didn’t buy the stuff, so I figured the whole ordeal would be easy to resolve.

Over $200 worth of “FIFA ‘16 Points,” were charged to me through my Microsoft account. These “points” were content for a video game I’ve never owned. I thought proving that these were not bought by me would be no problem.

Boy, was I wrong about that.

After several online chats and phone calls with Microsoft, I had successfully gotten nowhere. My account’s hijacker had done a real number on me, and it seemed as though Microsoft’s customer service was trying to work against me.

This went on for weeks, until finally my bank was able to bully Microsoft into refunding me the money. Microsoft would not, however, give me back ownership of my own account.

The lesson I learned is one that too many of us learn the hard way: set up your security measures before something bad happens.

There are some basic proactive measures that everyone should take in regard to their online accounts. Some of these may be common knowledge, but others are not utilized as often as they should be. I was guilty of not using all of them properly, which is what left me vulnerable in the first place.

Firstly, if you use the same password for several important online accounts, consider making new ones. If you slip up and someone gets one of your passwords, all of your accounts will be at risk.

Nowadays most websites force you to use at least one capital letter and number for your password, but I’d suggest even throwing in a symbol or two for extra security. It can’t hurt, as long as you can remember it.

Secondly, use two-step verification for every account you have where it is an option. Two-step verification will send a code to your smartphone, which you will need to verify anytime there is a new login from an unrecognized device.

With two-step verification, only you can authorize a sign-in to your accounts. If anyone else tries to sign in, you will be notified. This will be a red flag to you that someone else has your password and you need to change it pronto.

Yes, it will be an extra step for you when you try to log into your accounts on school computers, but taking the two seconds to pull your phone out of your pocket to verify will be worth it in the long run, believe me.

Lastly, set up solid security questions for your accounts. Choose questions and answers that no one else can guess. These are a good back-up to have.

Security questions should not be your primary defense, as they are usually only asked when you forget your own password. If someone else has your password, they can often slide past these no problem.

Sometimes, however, if the login looks suspicious, the hacker will be prompted to answer the security questions, even if he used the correct password. This is when solid security questions save the day, as they could be the only thing that stops the intruder.

Now, this is by no means an all-inclusive list of everything you can do to protect yourself online, but if everyone took just these few steps, significantly less people would have their accounts stolen or used by someone else to buy items with their money.

It’s hardly a question of if your accounts will be hacked these days; it’s more of a when. I was lucky, and got my stolen money back. Not everyone gets off that easy.

Take the time to set up these security measures for yourself. It will be a lot less painful to spend two minutes on the computer now than it will be to spend six hours on the phone with customer service later. You can trust me on that one.

email: [email protected]