What should I do if I have been hacked?

Did you click on a suspicious link without thinking? Is your computer behaving strangely? Of course, it is not easy to accept that you may have just handed over control of your device to a hacker. However, it’s vital that you do not ignore any signs that indicate you have been hacked. So, let’s review some of them.

It’s important to be familiar with potential signs you have been hacked. If you see one or more of the following issues on one of your devices, take action immediately.

Unknown Homepage and URL Redirecting
One day, you launch your browser as usual. Suddenly, an unfamiliar website opens. Usually, such pages display pornographic material or advertise fake security software. Then, when you enter a URL, you get redirected to a different website. This is a common sign of a hijacker infection.

Slow performance
Suddenly, your computer becomes slow or unresponsive. Sometimes, this happens when unauthorized processes and programs consume your system resources. Of course, there are other reasons for a slow computer. But watch out for extremely slow speeds (especially along with some of the other issues listed).  It may be that  someone has hacked your router.

Sudden crashes
In many cases, a hacked computer may be unstable and suffer sudden crashes. It may also freeze or suddenly restart. This happens malicious applications running in the background overwhelm your systems, eating up your computer’s memory.

Increased pop-ups
Extra pop-up windows, advertisements or alerts that appear repeatedly could be a sign of a hacker attack. Above all, do not to click on any of the links. The hackers goal is to get you to click on one of the popups, and thus install a rogue program or be redirected to a harmful website.

New users or account settings
First, check for unfamiliar user accounts or new accounts. Then, look for changes in your account settings. For example, your email forwarding rules, automatic email replies, and security questions. Chances are, a hacker has changed your settings to give themselves access to your accounts.

Password changes
Any change to your account passwords that you did not ask for is a big red flag. It may be that someone else has access to your computer, browsers, or accounts. If that is the case, you’ll need to recover your accounts. Usually, you will do this by using your backup email or security questions. In some instances, you may need to contact the service provider.

Other unusual activity
Do you see unwanted uploads or downloads running on your device? Is your computer trying to  connect to unfamiliar devices or access shared network resources? Such unusual activity could signify the presence of malware or a network-based attack. Likewise, if your computer shows high network traffic for no apparent reason, it may be compromised.

If you have reason to think your device, wifi or browser is being hacked, use the following steps to protect yourself:

• Disconnect from wifi on the compromised device and shut it down
• Pull your router’s plug, wait 30 seconds, and then plug it back in
• Use another device to change all your passwords to strong, new, unique ones
• Contact your bank and credit cards and alert them to limit account activity
• Tell coworkers, friends and family to be wary of messages and links from “you”
• Check for unfamiliar activity or inquiries on your credit report
• Consider registering a free fraud alert with major credit agencies
• Turn on login alerts to get a notification when someone logs into your account
• Check if you are locked out of any of your email accounts or social media
• Use security questions or contact services to recover control of your accounts
• Consider whether other people’s personal data may have been affected
• If so, contact local data protection authorities within 72 hours

Next, to safely use your device again:

• Turn it back on
• Clear your browser and cookies
• Scan your device for viruses and malware with a trustworthy service
• Check for any recently installed programs and uninstall them
• Update your operating system and software
• Consider wiping your hard drive and reinstalling your OS
• If someone has stolen your account, you may need to reach out to the company to regain access

Moving forward, to prevent future hackers from getting access to your accounts:

• Start using a password manager
• Set up two-factor authentication
• Keep your firewall up
• Add a rescue email address as a backup
• Uninstall apps you don’t use
• Delete spam emails without opening them
• Find out what information data brokers have about you
• Keep devices turned off when not in use

In short, you should start by cutting off the attacker’s access to your systems. Then, check up on your accounts. Next, report the breach to parties it could affect: Friends and family, your employer, your bank, and so on. Finally, tighten up your security and prevent future attacks.

Any time you suspect a hacker attack,  be sure to consider your customers, employees and workmates’ privacy, along with your own safety. Even if the attack targeted a personal device, it may compromise work related confidential data.

If you are an employer, remember that keeping customer and employee data safe is ultimately your responsibility. Teach your employees about how risky any unauthorised access to their devices can be and how to recognise it. Meanwhile, they should also reduce inappropriate crossover between work and personal devices. Finally, they should feel free to quickly report any breaches to you and get company support to fix them.

It is difficult to avoid hacker attacks. In principle, it does not take more than one employee clicking on the wrong link. That is why it is important to keep trakc over your personal information before you risk becoming the victim of a cyberattack. It creates the prerequisite for being able to reduce the damage, while at the same time it provides an invaluable overview when you are in the situation.

In Safe Online, we have developed the Data Discovery tool DataMapper, which you can use to find and monitor files, emails and images that contain sensitive information.