Sure Signs You've Been Hacked - CTO Igor Bogachev
Igor Bogachev 09/21/2015

Sure signs you’ve been hacked

*** Based on the article “11 sure signs you’ve been hacked” BY ROGER A. GRIMES

In today’s “threatscape”, antivirus software provides little peace of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable.

To combat this, many antimalware programs monitor program behaviors, often called heuristics, to catch previously unrecognized malware. Other programs use virtualized environments, system monitoring, network traffic detection, and all of the above at once in order to be more accurate.

And still they fail us on a regular basis…

Listed below are the sure signs you’ve been hacked and what to do in the event of compromise. Note that in all cases, the No. 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, depending on your operating system, it might simply mean clicking on a RESTORE button. Either way, a compromised computer can never be fully trusted again.

  • Fake antivirus warning messages are amongst the surest signs that your system has been compromised. Clicking No or Cancel to stop the fake virus scan is too little, too late. The malicious software has already made use of unpatched software, often the Java Runtime Environment or an Adobe product, to completely exploit your system. Why does the malicious program bother with the “antivirus warning”? This is because the fake scan, which always finds tons of “viruses,” is a lure to buy their product. Clicking on the provided link sends you to a professional-looking website, complete with glowing letters of recommendation. There, they ask you for your credit card number and billing information.

*** Know what antivirus/antimalware program is legally installed on your computer and verify it is functioning.

  • Your mouse moves between programs and makes correct selections. If your mouse pointer moves itself while making selections that work, you’ve definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are involved somewhere. Power off the computer, unhook it from the network (or disable the wireless router) and call in the professionals. Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you’ve been a victim of this attack, you have to take it seriously. A complete restore of the computer is the only option you should choose for recovery. But if you’ve lost any money, make sure to let the forensics team make a copy first. If you’ve suffered a loss, call law enforcement and file a case. You’ll need this information to best recover your real money losses, if any.
  • If one or more of your online passwords suddenly change, you’ve more than likely been hacked -- or at least that online service has been hacked. In this particular scenario, usually what has happened is that the victim responded to an authentic-looking phishing email that purportedly claimed to be from the service that ends up with the changed password. The bad guy collects the logon information, logs on, changes the password and steals money from you. Contact the online service to report the compromised account. Most online services are used to this sort of maliciousness and can quickly get the account back under your control with a new password in a few minutes.
  • Your friends get bogus e-mails from your e-mail address. If one or more of your friends report receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars.
  • Frequent random popups are a popular sign that you’ve been hacked and are also one of the more annoying ones. When you’re getting random browser pop-ups from websites that don’t normally generate them, your system has been compromised.
  • Redirected Internet Searches.
  • Unwanted toolbars. Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages.
  • Your antimalware software, Task Manager, or Registry Editor is disabled and can’t be restarted. This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn’t do it, you’ve probably been exploited -- especially if you try to start Task Manager or Registry Editor and they won’t start, start and disappear, or start in a reduced state. This is very common for malware to do.
  • A sure sign of system compromise: your bank account is missing money - I mean lots of money. Online bad guys don’t usually steal a little money. They like to transfer everything or nearly everything, often to a foreign exchange or bank. Usually it begins with your computer being compromised or with you responding to a fake phish from your bank. In any case, the bad guys log on to your bank, change your contact information, and transfer large sums of money to themselves. WHAT TO DO: In most cases you are in luck because most financial institutions will replace the stolen funds (especially if they can stop the transaction before the damage is truly done). However, there have been many cases where the courts have ruled it was the customer’s responsibility to not be hacked, and it’s up to the financial institution to decide whether they will make restitution to you.
  • You get calls from stores about nonpayment of shipped goods. In this case, hackers have compromised one of your accounts, made a purchase, and had it shipped to someplace other than your house.
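
For the signs above about a disabled Task Manager, Registry Editor or antimalware program, and the advice to know which antivirus product is installed and verify it is functioning, a read-only PowerShell check looks like the following. This is an added example, not part of the original article; the function names are made up for illustration, and it assumes a Windows client edition (Security Center is not present on Windows Server).

```powershell
# Added example: read-only triage, nothing on the system is modified.

function Get-DisabledToolPolicy {
    # Policy values that block Task Manager / Registry Editor when non-zero.
    # Both hives are checked here (an assumption of this example).
    $names = 'DisableTaskMgr', 'DisableRegistryTools'
    $keys  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
             'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
    foreach ($key in $keys) {
        # A missing key simply means no policy is set in that hive.
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        foreach ($name in $names) {
            $value = if ($props) { $props.$name } else { $null }
            [pscustomobject]@{
                Key     = $key
                Name    = $name
                Value   = $value
                Blocked = ($null -ne $value -and $value -ne 0)
            }
        }
    }
}

function Get-RegisteredAntivirus {
    # Antivirus products registered with Windows Security Center.
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' -ErrorAction SilentlyContinue |
        Select-Object displayName, pathToSignedProductExe, productState
}

function Get-DefenderState {
    # Get-MpComputerStatus exists only where the Defender module is installed.
    if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
        Get-MpComputerStatus -ErrorAction SilentlyContinue |
            Select-Object AMServiceEnabled, AntivirusEnabled, RealTimeProtectionEnabled, AntivirusSignatureLastUpdated
    }
}

Get-DisabledToolPolicy  | Format-Table -AutoSize
Get-RegisteredAntivirus | Format-List
Get-DefenderState       | Format-List
```

A `Blocked` value of True that neither you nor a company policy set, or an antivirus product in the list that you do not recognize, matches the signs described in the list above.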

If you believe you have been hacked, please Contact Us for professional help.



