Unfortunately, there are no obvious flags if your wallet is compromised. It happens quietly. So an empty wallet might have been compromised months ago, with attackers waiting if you load it with funds or receive a payment from an NFT sale. This makes maintaining security so much harder. If you believe you connected to websites you don’t know, or otherwise acted in a way that might compromise your wallet, it’s a great time get yourself a brand new wallet.
You will get no emails or notifications that your wallet is compromised. The most common way is just finding our that your valuable NFTs are missing, and crypto was sent somewhere else (and not by you). To stay on top of your own wallet activity, download Zerion app on your phone and enable notifications. You can get push notifications for every transaction that happens with your (or any other) wallet.
If your funds or NFTs are missing, act fast! There is no way to rectify the compromised wallet. You will have to abandon it. Before you do, if there are funds, ENS, or NFTs in a wallet, transfer them somewhere safe (see “maintain multiple wallets”). If there are no funds to cover the gas fees, you will need to fund the wallet with a small amount of ETH to pay for transfers (generally about 0.002 ETH per transfer), and initialize the transfer in a very short period of time (assume attackers are watching your wallet). Once you do so, you can start rebuilding your wallet.
Make sure your new wallet has a different secret phrase from your compromised one. If unsure, use MyEtherWallet to generate a brand new wallet. On MyEtherWallet page, click on “Software” method and then “Mnemonic Phrase”. You can then write down your secret phrase (24 words recommended, it’s more secure than a 12 word secret phrase), and once you complete it, click once again on “Software” to retrieve your wallet address (you’ll need to type all 24 words in correct order).
When you move your ENS to a new wallet, login to ENS Domains to check the “Records > Addresses” tab shows the correct wallet address. If unsure, you can check by pasting your ENS in the Etherscan search bar and see if it points to your new wallet.
Unfortunately, if you have sold any NFTs as a creator, your collectors will essentially have an NFT that originated from an account now controlled by someone else. While they can’t do any damage, the provenance between creator and collector will break. Most creators re-mint and airdrop an identical NFT to a collector, and ask the collector to burn the piece they acquired from you.