What to do if you’ve been hacked

Pandemics bring out the best and worst in mankind, and this one’s no different.

It may have been quiet for a little while, but hucksters and charlatans will be back with a vengence. In your digital life, this means phone scams, bank/credit card fraud, and online foolishness will be rampant.

We’re frequently asked about security by our clients. Usually folks go from no concern whatever for years to sudden panic after seeing something they don’t recognize on the screen (or “hearing” about something from a questionable source).

We can recommend this article by long-time industry insider Neil J. Rubenking about what to do if you suspect online mischief.

The world of computers is only a few decades old, and it has been developing exponentially during that time. As such, very few truly understand any areas of the field to any great degree–and it’s a moving target.

Public commenters on technology (general media types, etc.) attempt to boil down the ABCs for us, but they are often: (a) barely conversant with the topic; (b) behind the news curve, and/or (c) ignorant of what they don’t know. [Just like most of us, on many other topics. 🙂 ] The legal system is SO far behind as to be laughable). Example: remember the 1996 Telecommunications Act? Passed to foster competition, the effect has been just the opposite–and that was readily apparent at the time.

But at this point almost everyone recognizes the term “hack” as being a malicious attack on your computer life. However, it is also used indiscriminately (like “Xerox” for a copy, or “sciatica” for any lower back pain).

Let’s look at some specific areas many of us have experience with.

Email

Email is the first area where people suspect nefarious activity. First, just because you receive “spam” does not mean you have been “hacked.” [Because email was created at the very beginning, and given away free, there was never a great security foundation to it. Halfway measures are all that’s been added, due to economics and interoperability concerns.]

The databases of email addresses have apparently made their way into bad guys’ hands from most of the major services. The older your address, the more it may be known. However, they probably only know your password as of when they stole it–that’s why the first (and almost only) remedy for email issues is to change your password to that service. It’s a pain, but just a fact of life.

Signs of email mischief include: messages “returned” to you that you never sent; messages from known contacts but that just contain jibberish and/or strange hyperlinks; people saying YOU sent them bogus messages; and, of course, the great number of “phishing” and obscene emails. If they come from the same address multiple times, it MAY help to mark the address as Spam. Most bogus messages, however, should just be deleted, so they don’t get acknowledgement that this is a live lead. (Many of us have teeming Inboxes; learn how to do bulk deletes for your particular mail program.)

Financial Fraud

Now when something threatens your money, that’s serious. Online access to bank accounts and other financial institutions is awful handy, but it’s not just Luddites that are afraid of it.

The world being what it is, however, at least monitoring accounts online is prudent. Most require a strong password (are you using a password manager to keep track of these?). “2-step verification” is recommended on most sites now, also; they send a code to your cell phone for you to enter as a second line of defense

Most financial accounts will allow you to set up alerts when activity occurs, giving you notice if some transaction happened you didn’t expect.

Of course, stuff can still happen to the best of us.

Malware

Since the first online “viruses” in the 1990s, mysterious stuff has gotten on our computers and created havoc. Early on was mostly just annoying, but current stuff can put you on a digital ventilator. Just as in the medical world, the variety of bad bugs has proliferated. The generic term “malware” seems to best describe the whole range of these termites (literally, bad software).

The most insidious variant is “ransomware,” where the bad guys encrypt your data so you can’t read it. They then demand payment, after which they’ll send a code that “ransoms” your files.

The most common symptom of malware is your internet speed grinding to a halt. Many vermin use your connection for their own purposes, letting other bad stuff in and sometimes popping up unwanted windows while you work.

How do you GET malware? It’s still usually from clicking on something you shouldn’t. Links or attachments in email is still probably the primary source. Don’t slip, however, when you’re mousing around the edges of websites; ads or “clickbait” (sensational headlines) can often lead to junk.

Phone Fraud

Most people are hip to avoiding unknown links, so we understand the leading source of malware these days is actually “social engineering”–manipulating you to hurt yourself. Typically, this takes the form of a phone call that gets you to load a program; they claim it will fix something, but it ultimately causes damage–to your wallet.

NO ONE FROM MICROSOFT OR ANY TECH COMPANY WILL CALL YOU to do anything, except maybe buy more. Phone fraudsters are skilled at alluding to Microsoft connections, particularly to people over a certain age. Since even most legitimate call centers are overseas now, it can be difficult to understand what’s being said, let alone why. When in doubt–hang up.

There are plenty of sites on security, but it can be difficult to distill an understandable list of do’s and don’ts. We’ll pass on nuggets when we can; of course, you can always discuss your particular situation with us. But YOU initiate the call! 😉

Leave a Reply

Your email address will not be published. Required fields are marked *