Sometimes, we all have one of those “how did this happen?!?” moments, as we watch our mouse go shooting across the screen, deleting all of your files. You panic, and call your local computer technician, to ask what to do about it. A Trojan, worm, or human (a taller version of a worm) has taken over your computer. You’ve been hacked. You shut it off, and wait for your technician to show up. While you wait, here’s a list of the things of what they should have already told you on what to do if your computer has been compromised, and what you’ll probably be paying for.
From a technology perspective:
Turn off your device immediately
Have you been hacked or lost control of your computer? Simply turn it off. An off computer cannot be controlled, as there is nothing to control at that point. This is the fastest way to stop an ongoing attack and avoid a follow-up attack. In the event that you were compromised by a Trojan or worm, this will prevent it from causing any more damage than it already has. Once you have made sure that the device is off, contact a computer technician immediately to inspect and cleanup your computer. If you don’t have it sanitized before you start using it again, there is a very good chance that a Trojan or worm that has been installed on it will just turn on again, and continue wreaking havoc. They also tend to open up a bunch of holes in your computer, which makes it easier for hackers to gain access to your computer again.
Using another device, change your passwords
Since the device that was compromised is turned off, you will want to use another computer or device to get online and start changing your passwords. Not just the important ones, ALL of them. If you do any online banking, make sure to change your password for your bank’s website first to avoid anyone getting access to your accounts. Next, take care of your email account(s). Your email account is the gateway to almost all of your online accounts, so anyone with access to that could simply use the Forgot Password buttons on other websites to reset your passwords. Honestly, it wouldn’t hurt to handle your email accounts first, since they could still be used to change the password on your bank accounts. Next, make sure to log in to all of your social media accounts and do the same. Keep working through your list of online accounts until you have changed the passwords for everything.
When changing your passwords, make sure you follow these rules. They are common rules for all passwords, so they apply any time you ever create or change a password. These are just a few of hundreds of password tips. For more thoughts on password security, try Googling “password rules”.
- Use a strong password. “password” is NOT strong. Most websites these days make you use a secure password. You want it to be an absolute minimum of 8 characters in length (10 is better, the more the merrier), and use a combination of uppercase and lowercase letters, numbers, and symbols.
- Don’t use a modified version of the password you are changing. If you only change one or two characters in your old password, you are not really helping yourself out. While this will trick most automated hacking tools for a while, a true hacker will be able to figure out what you changed pretty quickly. If you make it easy for yourself, you’re making it easy for them too.
- Names, birthdays, anniversaries, and “password” all make horrible passwords, don’t use them. IF you are going to break this rule, use a combination of them.
- Don’t ever use the same password twice. If the password for your email account is the same as your bank account and Facebook page, you are going to be in a lot of trouble if someone finds out your password. Use a program like KeePass (http://keepass.info/) to keep track of your passwords for you. It is completely free, and can help you safely keep track of what passwords go where.
Tell your friends!
Nobody likes to admit that they were duped, but it is important that you let people know what has happened. If your friends and family (online and offline) are aware that you were hacked, they will be able to help keep an eye out for suspicious activity for you. It only takes one caring friend online to agree to wire “you” money because your social account is under the control of another person. Knowledge is power. Empower yourself and your friends.
From an identity/financial perspective:
Call the police (non-emergency line, NOT 911), get a police report
It doesn’t really seem like something you would have to do if your computer was hacked, but if you believe that someone has stolen any of your personal data, you need to contact your local law enforcement and file a police report. Digital theft is still theft, and theft is against the law. Additionally, your bank, credit card companies, and other businesses may require you to have a police report when filing claims with them. It may end up being a very simple police report, but so long as they can file that “my files were stolen on this date at this time”, you’ll have something to work with.
Call your bank and credit card companies
If you think that your bank or credit card account information may have been compromised, you will want to contact your banking institution and credit card companies as soon as possible to let them know that you may have lost your data. At bare minimum, you will want to tell them what happened, and to be on alert for any suspicious activity. Your banking representative will help you decide what to do next. In some cases, this may simply be to monitor your account for suspicious activity. In more extreme cases, they will help you freeze your accounts. If you have already had fraudulent purchases made in your name, they can help you get your money back.
File a fraud alert with the credit bureaus
Anytime you have to have to contact your bank, you will also want to call the big three credit bureaus (Experian, TransUnion, and Equifax) to file a fraud alert. In case you don’t already know, these agencies are responsible for tracking all of your financial accounts to determine how good of a credit user you are compared to other people (they do this using credit scores). Since your credit score is based on your credit, they will need to know if your bank accounts or credit cards have been compromised, so they can keep a lookout for any suspicious activity as well. While your bank is your first line of defense at stopping any fraudulent expenses, the credit bureaus are the second. As long as they know what is going on, they will be happy to work with you to make sure that any fraud does not negatively affect you.
If you follow the advice I have laid out for you in this article, there is a pretty good chance that any damages caused to you and your computer by a hacker (human or otherwise) will be minimal. For more tips on how to avoid these scenarios to begin with, check out this article on 5 Tips to Staying Safe Online (https://www.booksnbytes.net/5-tips-for-staying-safe-online/).