Things To Do When You’ve Been Hacked

 

After you’ve been hacked, it’s best to start by asking yourself why it happened in the first place. Asking yourself why is a good place to start from.

Ask yourself basic questions like What was the reason for the breach? If it was your bank account, the answer may be obvious. In other cases, such as e-mail, it can be for a host of reasons — from using it to send spam, to requesting money from your contacts, to getting password resets on other services.

An attacker may even be trying to gain access to your business. Knowing why you were targeted can also sometimes help you understand how you were breached.

 

1. Reset Your Passwords:

 Immediately change the password on the affected service and any others that use the same or similar password.

And, really, don’t reuse passwords. You should be changing your passwords periodically anyway as a part of routine maintenance. But if you’ve just been hacked, it’s now more urgent.

This is especially true if you reuse passwords or use schemes that result in similar passwords (like 123Facebook, 123Linkedin, 123Google).

Sites can set up password requirements — for example a character length or that a password includes symbols and numbers — but they cannot force people into not reusing the same or similar passwords.

 

See Also: How To Check If I Have Been Hacked

Update and Scan

There’s a possibility that the attacker got in via your machine. Almost all malware is installed by victims themselves, if unknowingly.

And if something nasty is on your computer, you need to get it off before you start a recovery process. Make sure you are running the most recent version of your operating system.

Download a solid anti-virus product and run a scan for malware and viruses that may have been the source of the attack.

This is the most basic thing you can do, so do it now. And moreover, use a brand-name commercial program that you pay for.

3. Take Back Your Account

Most of the major online services have tools in place to help you get your account back after it has been taken over by someone else.

Here’s how to do that on Apple, Facebook, Google, Microsoft, Twitter, and Yahoo. Typically, you’re going to need to be able to answer some questions about your account. Facebook has a novel method that relies on friend verification.

Are you using a service not listed here? Typically you can find your way back in by searching for its name plus “account recovery.”

What To Do When I’ve Been Hacked

4. Check for Backdoors

Smart hackers won’t just get into your account, they’ll also set up tools to make sure they can get back in once you’ve gotten them out.

Once you have your accounts back, you should immediately make sure there isn’t a back door somewhere designed to let an attacker back in.

Check your e-mail rules and filters to make sure nothing is getting forwarded to another account without your knowledge. See if the answers to your security questions were changed, or if those questions themselves have changed.

What To Do When I’ve Been Hacked

5. Follow the Money

If there is an element of commerce involved in the affected account, thoroughly review any activity on that account.

Verify that no new shipping addresses have been set up on your account, no new payment methods have been added, or new accounts linked.

This is especially true of sites that let you make one-click purchases, or issue payment cards.

 

6. Perform a Security Audit on All Your Affected Accounts

Often, one account is simply used as a gateway to another. Your Dropbox account may only be a means to get at something stored there.

Your e-mail might only be a path to your online banking. Not only do you need to secure the account you know was hacked, but you need to check all the others it touches as well.

Reset your passwords on those services, and treat them as if they have been compromised.

What To Do When I’ve Been Hacked

7. Make a ​Complete Backup of Your System

Once everything is in pristine condition you should do a complete backup so that if this ever happens again you won’t spend as much time reloading your system.

Using a backup tool that creates a bootable hard drive image as a backup will help speed up future recoveries immensely.

 

8. Lock Down Your Credit

It’s bad enough you had your email hacked, but you really don’t want your identity stolen as a result. Services like LifeLock will do this for you for a fee.

However, you can also do it yourself by contacting the three major credit reporting agencies directly. Depending on the state you live in, locking down your credit might be free, provided you’ve filed a police report.

What To Do When I’ve Been Hacked

9. Isolate Your Computer

In order to cut the connection that the hacker is using to “pull the strings” on your computer, you need to isolate it so it can’t communicate on a network.

Isolation will prevent it from being used to attack other computers as well as prevent the hacker from continuing to be able to obtain files and other information.

Pull the network cable out of your PC and turn off the Wi-Fi connection. If you have a laptop, there is often a switch to turn the Wi-Fi off.

Don’t rely on doing this through software, as the hacker’s malware may tell you something is turned off when it is really still connected.

See Also: How To Hack Wifi Passwords

10. Shutdown and remove the Hard Drive

If your computer is compromised you need to shut it down to prevent further damage to your files.

After you have powered it down, you will need to pull the hard drive out and connect it to another computer as a secondary non-bootable drive.

Make sure the other computer has up-to-date anti-virus and anti-spyware. You should probably also download a free spyware removal tool or a free rootkit detection scanner from a reputable source like Sophos.

 

To make things a little easier, consider purchasing a USB drive caddy to put your hard drive in to make it easier to connect to another PC.

If you don’t use a USB caddy and opt to connect the drive internally instead, make sure the dip switches on the back of your drive are set as a secondary drive.

If it is set to primary drive it may try to boot the other PC to your operating system and all hell could break loose again.

If you don’t feel comfortable removing a hard drive yourself or you don’t have a spare computer then you may want to take your computer to a reputable local PC repair shop.

 

11. See Also: How To Hack A Facebook Account

    Backup Your Important Files From the Previously Infected Drive

You’ll want to get all your personal data off of the previously infected drive. Copy your photos, documents, media, and other personal files to DVD, CD, or another clean hard drive.

 

11. Move Your Drive Back to Your PC

Once you have verified that your file backup has succeeded, you can move the drive back to your old PC and prepare for the next part of the recovery process. Set your drive’s dip switches back to primary as well.

What To Do When You’ve Been Hacked

12. Completely Wipe Your Old Hard Drive

Even if virus and spyware scanning reveals the threat is gone, you should still not trust that your PC is malware-free.

The only way to ensure that the drive is completely clean is to use a hard drive wipe utility to completely blank the drive and then reload your operating system from trusted media.

After you have backed up all your data and put the hard drive back in your computer, use a secure disk erase utility to completely wipe the drive.

There are many free and commercial disk erase utilities available. The disk wipe utilities may take several hours to completely wipe a drive because they overwrite every sector of the hard drive, even the empty ones, and they often make several passes to ensure they didn’t miss anything.

It may seem time-consuming but it ensures that no stone is left unturned and it’s the only way to be sure that you have eliminated the threat.

13. Reload the Operating System From Trusted Media and Install Updates​

Use your original OS disks that you purchased or that came with your computer, do not use any that were copied from somewhere else or are of unknown origin.

Using trusted media helps to ensure that a virus present on tainted operating system disks doesn’t reinfect your PC. Make sure to download all updates and patches for your operating system before installing anything else.

14. Reinstall Anti-Virus, Anti-Spyware, and Other Security Software

Before loading any other applications, you should load and patch all your security-related software.

You need to ensure your anti-virus software is up-to-date prior to loading other applications in case those apps are harboring malware that might go undetected if your virus signatures aren’t current

 

15. Scan Your Data Backup Disks for Viruses

Even though you are fairly certain that everything is clean, always scan your data files prior to reintroducing them back into your system.

 

SOURCES

 

Andy O’Donnell. (2020, September 21) I’ve Been Hacked! Now What? https://www.lifewire.com/ive-been-hacked-now-what-2487230