So You Think You've Been Hacked?
Anti-virus programs are awesomely sophisticated these days, featuring heuristics, real-time monitoring, blacklists, reputation systems, and still... they don't always keep bad things out of your computer! YOU are the last line of defense against hackers and malware, so you should be familiar with these telltale symptoms that your computer, smartphone or online account has been compromised... |
Tell-Tale Signs You've Been Hacked
Sometimes the best security software in the world can't protect you from yourself. If you click on anything that moves, use trivial passwords, or download from sites that are not trustworthy, you might as well open the door and invite the bad guys in for a party. Other times the attacks are very clever, and may catch you off guard. A link in a carefully crafted "phishing" email can take you to a rogue site designed to steal your password or banking credentials.
Fake virus warning messages are almost as old as antivirus software, and they still work. When “VIRUS DETECTED! Click here to delete it NOW!” appears on-screen, people often rush to click. After all, who remembers what the real warning message of an antivirus program is supposed to look like? But when you click on the fake warning it can lead you down a rabbit hole.
The super-duper virus killer you downloaded turned out to be a Trojan Horse that enslaves your computer in a botnet, vacuums up all the sensitive account information you’ve left lying around the hard drive, copies all your contacts, and sends the lot to some hacker in Eastern Europe. (If it recalibrates your refrigerator's coolness setting so all your ice cream goes melty, or uses subspace field harmonics to scratch your CDs, then you've got REAL problems.)
Solution: Get familiar with your security software's warnings before they appear. Check the program’s documentation; find a screenshot with a Google Image search if necessary. It wouldn’t hurt to print them on a reference sheet to which you can quickly compare whatever pops up on-screen. Don’t follow instructions to "click and buy" or "activate" after running a scan with a hastily downloaded program.
Unexpected browser toolbars or new icons on your screen may indicate malware. Some downloads come with "foistware" that gets installed in addition to the program you're after. These sneaky extras are called PUPs (potentially unwanted programs) and may be adware, malware, or just junk you don't need. If you don’t remember deliberately installing a new program, remove it using your system’s uninstall feature and run a full anti-malware scan. On your smartphone, look through the list of installed apps, and remove any that you don't recognize. Stay clear of apps that have very few (or very bad) reviews.
Something Is Wrong Here...
If a password you’ve typed a million times suddenly stops working, your webmail, Facebook, Twitter or other online account may have been hacked and the password changed. This is usually caused by weak or easily guessable passwords, but data breaches can also reveal your login credentials. See How Hackable is Your Password? for tips on choosing a secure password. Even better, start using two-factor authentication if the site offers it. (See [DIGITAL LOCKDOWN] Authenticator Apps Protect Your Accounts)
Redirected searches are another sign you’ve been hacked. Malware hiding on your hard drive sends your search requests to a rogue search engine instead of Google, Bing, or whatever search tool you favor. The results returned to your browser usually have little relevance to your search query; “pet meds” may return sketchy pharmaceutical sales sites.
The solution may be as easy as checking your browser’s settings to see if your default search engine has been changed. If so, change it back to your preference. If searches get redirected again, look for the "full scan or "deep scan" option in your internet security tool. When malware sneaks past your defenses, ot's a sure sign that you need better protection. I use and recommend PC Matic, which uses a whitelist approach that allows only known, trusted programs to run on my computer.
If your friends start receiving spam email that appears to be from you, change your email account’s password. If the problem continues, it’s most likely the spammer is inserting your email address into the “from” field of spam he’s sending from his own server. There’s nothing you can do about that except wait. (See Are You an Accidental Spammer? and This is How Spammers Get Your Email Address)
Another red flag: Money starts trickling out of your cash and/or credit accounts, or you discover unauthorized transfers of funds. The ability to access your bank account with your smartphone is a two-edged sword. One recent story warned about a banking trojan called Octo that steals login credentials by monitoring keystrokes, and initiates fraudulent transactions.
Sometimes accidental brushes against a laptop trackpad results in the cursor flying off to some odd place on the screen. But if the cursor moves on its own, opens programs and does other things that only a real person would do, either it’s being controlled by malware or you have a poltergeist in your device.
What Should I Do?
Here's what I recommend if you think you’ve been hacked:
- Change ALL your passwords, not just the one you think has been compromised.
- If you notice any unusual activity in a financial account, contact your bank right away. Check your credit reports (see Free Credit Reports Online) and consider freezing your credit files.
- Do a “System Restore” on a Windows machine, rolling back your computer’s state to a time before you suspect it was hacked. Only recently installed programs will be expunged. Your documents, photos, and music will not be affected.
- Run a full anti-malware scan on all of your computers.
Have you been hacked? Tell me your story, or what you do to prevent malware and hacker attacks on your computer. Post your comment or question below...
This article was posted by Bob Rankin on 26 Apr 2022
For Fun: Buy Bob a Snickers. |
Prev Article: How Does Your Internet Speed Measure Up? |
The Top Twenty |
Next Article: Geekly Update - 27 April 2022 |
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- So You Think You've Been Hacked? (Posted: 26 Apr 2022)
Source: https://askbobrankin.com/so_you_think_youve_been_hacked.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "So You Think You've Been Hacked?"
Posted by:
Cold City
26 Apr 2022
One way to secure everything is to set up bank accounts and credit cards so you receive an email for every transaction done.
It lets you dispute a charge the very hour a charge is made.
Posted by:
Bob K
26 Apr 2022
If you have your own domain name that you use for sending emails, keep in mind you can set up a SPF record in the DNS servers that will identify where your emails should be originating from.
Some (but not all) email servers will check to make sure emails from you are not originating from some far off location.
That helps fight the ones that are sending emails that look like they originated from you.
Posted by:
art
26 Apr 2022
I'm not sure about hacke, but my spam folder is being overwhelmed with salacious emails. I prefer not to open them, the subject is suggestive enough. If I did open one, I suspect it would be like Pandora's box.
Posted by:
Renaud Olgiati
26 Apr 2022
For good and reasonably cheap intrusion protection:
Dig out of your cupboard any old 486 or Pentium box you have left over from earlier times, add a second (or thind if you want a different WiFi subnet) NIC, and install the IPFire firewall software.
It is Linux, but you don't need to be a Linux guru to install and run it.
And it is free.
You can even run it on a RaspberryPi...
Posted by:
Wild Bill
27 Apr 2022
To art and others: Your spam folder being overwhelmed is beyond annoying but, in my experience, do not attempt to "unsubscribe". It will only lead to even more of he offensiveness. Best to simply report the obvious attempts at phishing via your browser and delete the rest.
Posted by:
Mike
27 Apr 2022
A great antivirus/anti malware program for Android is Sophos Intercept X, which is really user friendly. I've been using it for years and have never had any issues with malware. You can also install the Sophos adjunct called Sophos Security and Antivirus Guard, which keeps malware from uninstalling or rendering the antivirus app useless. Sophos Intercept X is completely free and is a very reputable AV company. Just my two cents...
Posted by:
Sarah L
27 Apr 2022
I had two Safari screens appear on my phone. Each had advice to reset my phone as I had (twice) linked to a terrible web site. I had not done that so I just closed the two Safari screens by clicking the X in the upper right corner.
So far, all is well on my phone.
Posted by:
Ernest N. Wilcox Jr.
27 Apr 2022
To my knowledge, I have never been hacked. With that said, I take steps to protect my computers, my data, and any accounts I have on the Internet. Microsoft Defender/Security (I don't know which they're calling it this week) is my antimalware suit of choice. I have the Ransomware feature enabled as well as all the Device Security features. The Wi-Fi/router provided by my ISP is configured for stealth mode on its WAN side (it ignores all connection calls to any port, so it is effectively as invisible as anything can be on the Internet. I have Wi-Fi Guard installed and running and configured to notify me when an unknown device connects to my LAN (I know the MAC IDs of all my devices). All partitions on my computers are encrypted and I have the password feature enabled for access to the BIOS/UEFI. This has the added benefit that the boot menu cannot be accessed without entering the password, so no unauthorized USB boot either. I have 2FA enabled for all my Internet accounts that support it. Finally, I run Windows Update weekly, and I use SUMo to notify me when a third-party software update becomes available. An up-to-date OS with up-to-date software keeps security vulnerabilities to a minimum.
Beyond the hardware/software security measures I have taken, the most important measures I employ involve my behavior when I am online or dealing with anything that comes to my computer from the Internet.
1. I NEVER blindly click any link on websites, in email messages, on social media sites, etc. I hover my mouse pointer over any link I want to check out to see the web address it will take me to. If it does not match with what the link's label says, or the web address looks like some sort of cryptic code, I DON'T CLICK - period.
2. When I was little my mom taught me not to trust strangers because I couldn't know what they would do or whether they were good or bad guys. When my kids were little, there were Stranger Danger adds on TV that made it easier for me to teach my kids not to trust strangers. If you think about it, the Internet is full of strangers. You cannot know what their intent is. The best Internet strategy is to employ a very healthy dose of skepticism regarding anything you see/hear/read, especially those things that re-enforce your existing beliefs. Evaluate everything from the Internet for yourself before you decide whether or not to believe it. That includes me and what I have written here.
My2Cenmts,
Ernie
Posted by:
bb
27 Apr 2022
A quibble: You are the *first* line of defense, not the last.
Don't succumb to the 'Dancing Bunnies' syndrome - ignoring all warnings just to see the dancing bunnies.
Posted by:
Maurice
27 Apr 2022
I added a second email address in my address book. The day I've sent an mail to myself I know something is wrong...
Posted by:
Puer
28 Apr 2022
Beware of Geek Squad scams. Anyone who gets your bank account and routing # can put money into your account. When that happens it shows up as deposited, ONLY it is a PENDING transaction until the bank reclassifies it as AVAILABLE. The scammer says your "refund" (say $ 249.99) had the decimal in the wrong place, you can see the (say $24999.) in your account that you now have to pay them back. They say they cannot take money out of your account (they CAN, remember it's pending) so later they withdraw the deposit you thought was "yours" and trick you into going to the bank and wiring them the money! Because the deposit was PENDING the bank doesn't have any record of the deposit and withdrawal. WHO KNEW?! While I'm at it. Nationwide Business Insurance which says it covers "Internet Fraud" doesn't cover it if you have been "tricked". But that's another racket story.
Posted by:
Linda
02 May 2023
Look my husband has someone on both my cell phone and my computer. I once found a page on the computer but it's been hid again. Alot of the things that you tell me to check I can't because this person on my computer is always one step ahead of me. I think its my husband on my phone with something called spyware but my husband is very controlling he has to know who I text and who I call. Sometimes late at night my key board won't do some letter. Just to mess with my mind I would guess. I am guessing I will have take the computer in and have it cleared but then the guy runs through my son's smart phone because his is hooked to his computer, his computer is hooked to mine and so then they are on the computer. I can't get a smart phone and a new number for as soon as I call my son they are on my phone because they are on his. I honestly don't know. Would love to divorce him but no money for that idea. So how do I stop these people from using my computer and my smartphone. Thank you for your time.