Account Takeover Recovery for Brisbane Families: Get Your Email, Socials, and Banking Back After a Phishing Scam

Your mum rings you in tears because she clicked a link in a text that looked like it was from Australia Post, typed in her details, and now her email password no longer works and her bank has called about a transfer she did not make. Or your teenager has been locked out of their Instagram by someone who DM’d them claiming to be “support”. Or you have just realised the password reset emails for half your accounts have been quietly auto-forwarded to a Gmail address you do not recognise. Account Takeover Recovery from Cyber by Exegesis is the engagement that walks a Brisbane family through getting control back — across the hijacked account, the downstream accounts, and the devices the attacker may still be sitting on.

The problem

ACCC Scamwatch ranks phishing as the most-reported scam category in Australia, and the National Anti-Scam Centre’s published alerts (fake delivery, fake recruiters, fake trading platforms) describe exactly the lures Brisbane families are seeing every week. The moment credentials are entered into a fake page, the attacker does three things in quick succession: changes the password, adds their own recovery email or phone number, and sets a mailbox-forwarding rule so future password resets flow to them too. By the time the family member notices, the account is no longer theirs to reset in the normal way.

Recovery is not just “get back into the email”. The same password is usually reused on five other accounts. The phone number on file may have been switched. Shared family devices — the iPad the grandkids use, the old laptop on the kitchen bench — may still be signed in to the compromised account. ACSC consumer guidance is consistent on this point: a takeover is not over until every connected account and device has been checked.

What Account Takeover Recovery does

Cyber by Exegesis runs a fixed-scope recovery engagement for Australian families:

• A triage call within one business day to identify which account was taken over, which accounts share that password, and what the attacker has done since.
• A coordinated provider recovery — we sit with the affected family member and work through the official recovery flow for the relevant provider (Google, Microsoft, Meta, Apple, the major Australian banks, major retailers) rather than the fake “support” channels scammers seed in search results.
• A downstream account sweep — every account that used the same password or had the compromised email as its recovery address gets a password reset and a multi-factor authentication review.
• A device sweep across the family’s phones, tablets, and computers — active sessions revoked, suspicious profiles or apps identified, mailbox-forwarding rules removed.
• A short written summary the family can keep, including which agencies to report to (Scamwatch, IDCARE, and where relevant the OAIC or eSafety Commissioner) and what to watch for over the next 90 days.

Cyber by Exegesis is the cyber consultancy line of Exegesis — the same stack behind the DRMO live product. We work alongside, not instead of, your bank and the affected platforms; we are the calm hand on the family’s shoulder while the official recovery flows run.

How it works

1. We take an intake call (one parent or guardian on the line) to confirm scope and identify the compromised account, the shared passwords, and the devices in the household.
2. We schedule a recovery session — usually 60 to 90 minutes — with the affected family member present, working through the provider’s official recovery channel.
3. Once the primary account is back, we sweep downstream accounts (email-linked logins, banking, social, retail) and rotate passwords with a password manager set up in the same session.
4. We review every signed-in device in the household, revoke active sessions, remove mailbox-forwarding and filter rules, and check for unfamiliar profiles or apps.
5. We hand over the written summary, the list of reports to make (Scamwatch first), and a 90-day check-in to confirm nothing has reappeared.

Why this matters in Brisbane

Brisbane households sit on the same phishing distribution as the rest of the country — the Australia Post text, the myGov lookalike, the “your parcel is held” SMS, the fake Meta security warning — but with a particular concentration of multi-generational households where one Apple ID, one Google account, or one family email address often anchors devices across grandparents, parents, and children. When that anchor account is taken over, the blast radius is the whole family. Brisbane families that recover quickly and sweep downstream stop a single phishing click from becoming a months-long identity problem.

Sources

• ACCC Scamwatch (National Anti-Scam Centre): https://www.scamwatch.gov.au/
• ACSC guidance for individuals and families: https://www.cyber.gov.au/protect-yourself
• OAIC Notifiable Data Breaches scheme (where a takeover involves a regulated organisation): https://www.oaic.gov.au/privacy/notifiable-data-breaches
• eSafety Commissioner (where the takeover involves a child’s account or image-based abuse): https://www.esafety.gov.au/
• Cyber by Exegesis — Account Takeover Recovery (waitlist)

Join the waitlist

Join the waitlist — first access when Cyber by Exegesis opens Account Takeover Recovery for Brisbane families

We are sequencing engagements by household type and by the provider involved (Google and Microsoft first, Meta and Apple second, banks coordinated alongside). Join the waitlist with a short description of what has happened — we will tell you when we are ready to take your brief.