When You've Been Hacked, What Should You Do?
Getting hacked can be a nightmare, whether your personal data is exposed in a Capital One-style breach or your email password is exposed. Knowing what to expect and how to deal with it is beneficial, but knowing how to prevent hackers in the first place is even better.
Let's face it: our government probably knows everything about you. Other governments are doing the same thing. Have you forgotten your email password? Simply ask the FSB! Security agencies, on the other hand, do not use this information for simple criminal attacks.A criminal hacking group, on the other hand, will typically try to monetize its unauthorized access as thoroughly as possible, and as quickly as possible, preferably before you hear about it, such as when the Capital One hack became public. What should you do if you discover you've been hacked?
How will you be able to tell?
When a major hack occurs, news organizations go berserk. You can check the website of the affected service to see if you were affected, but you should assume you were. The only saving grace is that because you're one of millions, the hackers may never get around to messing with your personal information.Also, don't expect your antivirus to protect you from a security breach that occurs on a remote server.
Other exposures are more difficult to detect. Unexpected charges on your bill may be your first indication that your credit card has been compromised by a hacker.
Always read credit card bills and make an effort to understand what each line means, even if it's a small one. Before making a large purchase, card thieves will make a few small purchases to ensure the card is in good working order. To keep track of all your credit card transactions in one place, use a personal finance service like Mint.com.
Your bank may detect fraudulent activity, decline the charges, and issue you a new card if you're lucky. Of course, this is inconvenient because any automatic payments you've set up will require the new number. Still, it's preferable to allowing hackers to use your credit card to book a Caribbean vacation.
Scammers can send spam or targeted email scams to your contacts using a compromised email account. Worried phone calls from friends asking if you're truly stuck in a Paris airport with no cash, or angry messages from those "you" have spammed, could be your first clue.
What Happens After That?
The easiest hack to deal with is credit card fraud. You are not liable for the fraudulent charges, and the problem will be resolved once the bank issues a new card.
It can be more difficult to regain control of a hacked email account. You'll need to contact the email provider and show that you're the rightful owner of the account. Of course, if the hacker changes your password, you won't be able to contact the provider via your regular email. It's critical to have multiple email addresses, each of which serves as an alternate contact address for the other.
Photo by Alex Kotliarskyi on Unsplash
Have you ever used your email address as a username on a different website? That is, without a doubt, a common practice. However, if you used the same password for your other accounts as you did for the hacked email account, those accounts are now also compromised.
You could be in trouble even if you didn't use the same password. Consider the following scenario. What should you do if you forget your website password? Right—you click to receive an email with a password reset link. If a smart hacker gains access to your email account, he or she will immediately look for other accounts, such as social media, or, worse, shopping and banking accounts.
After you've recovered from an email account takeover, you should change your password on every site associated with that email address. A password manager will be extremely useful in this situation.
Identity Theft Assistance
Identity theft in its most extreme form can be a nightmare. Victims can spend thousands of dollars over the course of weeks or months trying to regain control of their online identities and lives. The Federal Trade Commission has a great website with detailed instructions on how to proceed.
The site recommends that you order your credit reports to see what's going on and file an official identity-theft report with the FTC, among other things.
The website then goes on to detail everything you need to know in a step-by-step manner. It includes checklists, as well as sample letters and forms, to ensure you don't forget anything. You won't go wrong if you use this helpful tool.
I'm not going to be hacked again!
How can you ensure that you are not hacked, or that you are not hacked again? You've probably seen a lot of articles since the Equifax hack advising you to freeze your credit, set up a fraud alert (which means you'll have to go through extra verification steps to open a new account), and so on. Stop and think about whether you're willing to make such changes to your credit life before you do so.
After all, the next major security breach is on the horizon; in fact, it may have already occurred. In the Equifax case, the actual breach occurred months before it was discovered.
When it comes to credit cards, there's not much you can do except avoid shopping at shady stores, both in person and online. The majority of physical stores now accept chipped credit cards (though there are still holdouts). Chipped cards provide excellent security for in-person transactions, but they are ineffective for card-not-present online transactions.
Mobile payment systems such as Apple Pay and Android Pay are actually safer than traditional credit cards. Hackers gain nothing by stealing existing transaction data because each transaction is assigned a unique number. You can also use the mobile payment system to make online purchases. Simply use a fingerprint scanner or a strong passcode to secure your phone and keep it with you at all times.
Hackers can access your email address and password through insecure websites, but using a bad password leaves your account vulnerable to a brute-force attack. For your email account, use a strong password, and for every other account or secure site, use a different strong password. Yes, you'll need a password manager, but there's no need to pay for one. The most effective free password managers are quite useful.
You can request a password reset on some websites by answering a few simple security questions. The problem is that the bad guys can usually Google the answers to those questions in a matter of seconds. If you have the option of defining your own security questions, do so, and make sure they're tough—questions that only you could answer.
Don't use a truthful answer if you're forced to choose from lame questions like your mother's maiden name. Choose a fictitious answer that you'll remember. Also, don't reuse question/answer pairs across multiple websites.
Photo by Shahadat Rahman on Unsplash
There are some things you can do to protect yourself from full-fledged identity theft. Never provide any information on a web form that isn't absolutely necessary. Make something up if it's required but irrelevant, like your street address on a site that doesn't ship to you. For paper bills and statements, invest in a low-cost shredder.
Examine all of your statements and take advantage of your free credit reports. Install a powerful security suite to back up your efforts.
Yes, there is some effort and vigilance required. However, it's a small price to pay compared to the time and effort you'd have to put in if hackers stole your identity.
#hackers #hacker #hacking #cybersecurity #ethicalhacking #hack #kalilinux #linux #anonymous #technology #hackerman #ethicalhacker #programming #infosec #security #hacked #hackerspace #pentesting #cyber #cybercrime #programmer #malware #cyberattack #informationsecurity #python #coding #hackerindonesia #tech #cybersecurityawareness #bhfyp
Comments
Post a Comment