By: Sunny Verma
October 22, 2020
How To Know If You've Been Hacked And What To Do About It
By: Sunny Verma
October 22, 2020
Cyberspace is a dangerous place. Behind all those ‘helpful’ websites which promise to provide the users with ‘free’ stuff, there are internet-predators who are either after an unsuspecting target’s PII (Personally Identifiable Information) or after the computer resources they possess. Security experts agree that the random link an unsuspecting person got from a stranger on an internet forum will provide the user with those promised cute dog and cat pictures. Still, it may also deliver something unwanted to them. Something, which is capable of either controlling their entire computer (Remote Access Trojan, or aptly called a RAT), or encrypting all of their precious data until a ransom has been paid (Ransomware), or simply delivering targeted but spam ads to their browser, every time they use their computer to connect to the internet (Adware).
Some people argue that they are relatively unknown in the world compared to celebrities, sports stars, or CEOs of multi-billionaire corporations, and hence would not suffer from a cyber attack. Although it is a fact that famous people are more susceptible to a cyberattack, however, that does not imply that the general masses are not a potential target. Statistics show that cyber-attacks have grown by 600% due to people being required to work from home due to the outbreak of COVID-19. The majority of these attacks are phishing attacks that lure the targeted individual or a group of people into clicking a malicious link received via a message or an email. This message or email generally talks about how the target has won a prize, or in recent cases, is eligible for funding from the government due to COVID-19. Upon clicking on the link, a malicious script may be downloaded onto the target’s computer, leading to a lot of different scenarios, depending on the payload delivered to the target.
Social Media is another prominent area of interest for internet-predators. Facebook recently disclosed that the Android version of Instagram had a critical vulnerability that would allow an attacker to take over and spy on the target via their Android smartphone. The attacker just needed to send a specially crafted image to the target via SMS, email, Whatsapp, or any other means of digital communication. The target did not even have to save the image on their mobile phone. Once the target opened the image, all they had to do was open the Instagram application on their Android smartphone. Once this was done, the attacker would have full control over the account via remote access to their Instagram account. Not only that, the attacker could abuse all the permissions granted to the Instagram application by the user. This includes accessing their contacts, image gallery, current location, and even a camera. Scary, right?
If you ever notice the following changes in your computer, it may be an indicator that you might have been the victim of a cyber attack:
- Your computer gets locked, and there’s a message on the screen asking you to pay a ransom (usually in cryptocurrency) to unlock your computer and recover your data. If this is the case, you may have been a victim of a Ransomware attack. The attacker may have encrypted your files, and until the attacker provides the key, you would not be able to decrypt the files. Even if you could decrypt it, there is no guarantee that your files and data would be in the same state before being encrypted. The best way to protect yourself against this attack is to take regular backups of your data and storing them offline in a safe place, where only you or other authorized personnel can access it.
- Your friends get strange and unsolicited messages from you via your social accounts. The chances are high that your social media accounts may have been compromised. You may have logged into your social media accounts via an untrusted device and forgot to log out. Alternatively, your passwords might have been leaked in a password dump. If this happens, the first step would be to contact your friends and known associates and let them know that you are no longer in control of your account. After that, contact customer care and let them know about the incident. To avoid all these scenarios, you shouldn’t log in from untrusted devices. If you must, then ensure that you log out after your session has ended. On top of that, ensure that you activate Multi-Factor Authentication (MFA) so that the attacker would not be able to login to your device via password only, but will need to bypass other factors to gain access to your account. Also, ensure that you use different passwords for different accounts.
- You get ads displayed in your browser every time you connect to the internet. Adware can be harmless yet an annoying experience. Adware can be disguised as legitimate software installed on a user’s machine and then display ads every time they try to use their browser to surf the internet. Although it may appear harmless, adware is known to track your internet usage and report that to the adware developer to improve the ads delivered to your browser and improve the ad monetization process. They may also redirect you to different browser pages or change your browser settings. The best way to deal with adware is to recognize the adware program and uninstall it. Users should also install anti-adware software to ensure that adware is detected and removed as soon as installed.
- Your Antivirus protection gets disabled automatically. This is a serious indicator of malicious activity on your computer. If possible, try to look at the processes running on your computer (For Windows, try running the Task Manager and switching to Processes Tabs. For Linux, try running the ps aux command from the Terminal window). If you identify any malicious process, try stopping it. If the problem persists, then the only viable solution is a complete system restore.
- Your browser has strange toolbars installed without your consent. This is a sign that you may have installed software from the internet without reading the license agreement. Often, a user may download free software, but the software is accompanied by a toolbar. The toolbar may end up hindering your browser experience, and it may even change your homepage to a spam website. It is highly suggested that you uninstall the toolbar immediately via your browser settings.
- Your mouse pointer moves and selects programs automatically. Your mouse pointer may sometimes move erratically and randomly due to hardware issues. However, if it moves in a pattern and interacts with your programs or data automatically, this is a big indicator that you may have been hacked. This is a serious situation, and you definitely would need some external help. Try to take photographs of the activity, and then disconnect the computer from your network. Full system restore is the only viable option. If you feel that your confidential information may have been leaked online or your bank account is missing funds, contact the law enforcement immediately.
- Your passwords are invalid. Imagine one day you wake up and log into your favorite website/platform and find out that your login credentials are not working. Not good, right? The chances are that the site might be experiencing technical issues, and you would be able to log in later. However, if your login credentials do not work even after taking a break, it is quite possible that your account may be compromised. This can be possible due to a phishing attack against you, or your login credentials could have been leaked in a password dump attack against your favorite website. In any case, it is best to immediately contact the website support team and let them know about the incident. Using MFA(Multi-Factor Authentication) can also help to safeguard access to your online accounts. You can also use websites like Have I been Pwned to check if your account has been compromised in a data breach.
Any person or corporation can be a victim of a cyber attack. It is necessary to ensure that users maintain proper Internet hygiene to minimize the impact of these attacks. Some of the recommended tips include:
- Enable MFA(Multi-Factor Authentication) for all your important online accounts. These include social media, e-banking, and email accounts. This will ensure that the attacker will have to do twice the amount of work to attack your accounts.
- Change your passwords regularly. Change your passwords regularly and ensure that the password you use does not consist of words that can be easily found in a dictionary. Instead, it is suggested that users should use websites like Password Generator, which allow the users to generate random and strong passwords, which would be nearly impossible to crack via brute force methods. It is also suggested that users should never use the same passwords for multiple accounts. Remembering long and complex passwords might prove difficult, and as such, the usage of Password Manager tools can prove quite helpful.
- Install and regularly update software and OS patches. This will ensure that your OS and the software you regularly use are up to date and hence, would not be vulnerable to any newly discovered vulnerability.
- Install antimalware software on your computer. Having an antimalware product will not guarantee that your computer would be 100% safe. However, it does significantly reduce the chances of your computer being infected by malware.
- Beware of phishing and other social engineering attacks. Read up on how phishing and other social media attacks take place. Educate yourself and those around you, especially the elderly, about how to protect yourself from these kinds of attacks. Education and training can save you and your loved ones from being scammed or hacked.