Home
What should You Do After You’ve Been Hacked
R
Whether you were hacked, phished, had malware installed or just donât know what the heck happened but thereâs somebody all up in your e-mail, here are a few good first steps to take following an incident. This is by no means comprehensive, but itâs a good start.
Ask Yourself Why
While you are fixing things, itâs a good time to take a step back, and ask yourself a more basic question: What was the reason for the breach? If it was your bank account, the answer may be obvious. In other cases, such as e-mail, it can be for a host of reasons â" from using it to send spam, to requesting money from your contacts, to getting password resets on other services. An attacker may even be trying to gain access to your business. Knowing why you were targeted can also sometimes help you understand how you were breached.
Reset Your Passwords
Immediately change the password on the affected service, and any others that use the same or similar password. And, really, donât reuse passwords. You should be changing your passwords periodically anyway as a part of routine maintenance. But if youâve just been hacked, itâs now more urgent. This is especially true if you reuse passwords, or use schemes that result in similar passwords.
âPassword reuse is one of the great evils and its very hard to prevent,â says PayPalâs principal scientist for consumer security Markus Jakobsson. Sites can set up password requirements â" for example a character length or that a password include symbols and numbers â" but they cannot force people into not reusing the same or similar passwords. âItâs very common for people to use similar or the same password but itâs very rare for people to realize that it creates a liability for them to do it and that they need to change their password after theyâve been hacked.â
Update and Scan
Thereâs a possibility that the attacker got in via your machine. Almost all malware is installed by victims themselves, if unknowingly. And if something nasty is on your computer, you need to get it off before you start a recovery process. Make sure you are running the most recent version of your operating system. Download a solid anti-virus product and run a scan for malware and viruses that may have been the source of the attack. This is the most basic thing you can do, so do it now. And moreover, use a brand-name commercial program that you pay for.
âMalware antivirus software isnât perfect â" they have a hit ratio of 50 to 75 percent and can miss almost as much as they find, but itâs better than nothing,â explains Jakobsson. And why should you pay for it? âMost people who search for âfree antivirusâ end up installing malware.â
Join the Fastest Growing Group in this category
Take Back Your Account
Most of the major online services have tools in place to help you get your account back after it has been taken over by someone else. Hereâs how to do that on
Apple
,
Facebook
,
Google
,
Microsoft
,
Twitter
and
Yahoo
.
Typically, youâre going to need to be able to answer some questions about your account. Facebook has a novel method that relies on friend verification. Are you using a service not listed here? Typically you can find your way back in by searching for its name plus âaccount recovery.â
Check for Backdoors
Smart hackers wonât just get into your account, theyâll also set up tools to make sure they can get back in once youâve gotten them out. Once you have your accounts back, you should immediately make sure there isnât a back door somewhere designed to let an attacker back in. Check your e-mail rules and filters to make sure nothing is getting forwarded to another account without your knowledge. See if the answers to your security questions were changed, or if those questions themselves have changed.
Follow the Money
If there is an element of commerce involved in the affected account, thoroughly review any activity on that account. Verify that no new shipping addresses have been set up on your account, no new payment methods have been added, or new accounts linked. This is especially true of sites that let you make one-click purchases, or issue payment cards.
âAttackers do things for a reason,â says Jakobsson. âIf we are talking about attacking your Bank of America account or PayPal the reason is obvious: They want your money. What criminals will often want to do is hook up a debit card to your account. If they add an address and then request a financial instrument, that is a way for them to monetize.â
Perform a Security Audit on All Your Affected Accounts
Often, one account is simply used as a gateway to another. Your Dropbox account may only be a means to get at something stored there. Your e-mail might only be a path to your online banking. Not only do you need to secure the account you know was hacked, but you need to check all the others it touches as well. Reset your passwords on those services, and treat them as if they have been compromised.
De-Authorize All Those Apps
This is one of those non-obvious but important steps. One of the first things you should probably do if youâve had an account compromise is de-authorize all the associated apps that use that account for login or for its social graph. For example, Google, Twitter, Facebook, Dropbox and many others support OAuth, which enables third party apps to use account APIs without having to give them the account login information. But if a hacker has used it to authorize another device or service, and remains logged in there, simply changing your password wonât get them out. There could be a rogue client out there that you remain unaware of even after regaining access to your account. The best bet is to pull the plug on everything youâve given access to are on
Google
,
Facebook
and
Twitter
. It may be a pain to go back through and re-authorize them, but itâs less so than leaving a malicious individual lurking in your account. And in any case, doing so periodically is just good hygene.
Lock Down Your Credit
Itâs bad enough you had your email hacked, but you really donât want your identity stolen as a result. Services like LifeLock will do this for you for a fee, but you can also do it yourself by contacting the three major credit reporting agencies directly. Depending on the state you live in, locking down your credit might be free, provided youâve filed a police report.
Speak Out
âSay that your Facebook account gets hacked,â says Jakobsson, âthereâs a good chance you wonât lose any money, but your friends might.â The
mugged-in-London scam
works by hijacking your identity to contact friends to request money. Itâs also true, though less commonly so, on AIM and Google Talk and other services. There may also be data that you need to let othersâ know has been accessedâ"from financial matters to sensitive personal information.
But thereâs another reason to do this too, and itâs the same reason for this very article, which is to raise awareness. The best tactic of all is to do everything in your power to not be hacked: to run up to date software, use good password hygiene, and make backups of everything in your system.
âThis is an amazing opportunity to educate people,â says Jakobsson. ââWhen you say, âwow, it could happen to him; it could happen to me,â thatâs when you change.â
No comments:
Post a Comment
Newer Post
Older Post
Home
Subscribe to:
Post Comments (Atom)
Share This
Take this Free Test
Loading...
No comments:
Post a Comment