I’ve Been Hacked – What Do I Do?

hacker-with-code-superimposed-image-from-shutterstock

I’ve Been Hacked – What Do I Do? A reader asks…

I fell for it, had a computer problem and gave someone remote access to my computer to fix it. Now my files are disappearing, I can’t get into my email account (wrong password), and I’m seeing purchases I didn’t make on my credit card. What do I do now? My computer isn’t connected in any way with my employer, so this is affecting just my personal life.

First, take a deep breath. Now, shut off your computer and leave it off for now. That keeps the hackers from continuing to access your computer. Likely, they’ve already hoovered up all your personal data and saved passwords to online accounts, but this important first step helps to limit the damage. The rest of this article outlines actions you should take as soon as you possibly can, and time is of the essence. The longer the hacker has access to your personal information, the more they can compromise you – locking you out of your own accounts, stealing your money, and misusing your online identity.

Now, you need to call all your financial institutions and let them know you’ve been compromised. Not just the credit card the hackers have been using, but all your credit cards- each will freeze your current account and mail you replacement credit cards. You might even find that the money they’ve already stolen from you gets returned. Credit card companies are usually pretty good about not charging the cardholder for fraudulent purchases, as long as they’ve been notified in a timely matter. Also contact your bank(s), investment companies and anyone else where you have monetary assets – report that you’ve been hacked. This helps to stop the hackers from stealing your money as the companies will be watching for suspicious transactions.

Next, you need to use a clean or unhacked computer (yours or a trusted friend’s) or device (smartphone or tablet) to try to regain access to your email account(s). This is very important since so many online entities use your email address as a way to reset passwords or regain access. For your Google/Gmail account, go to https://google.com and click blue Sign in button. Fill in your Gmail address, and click the blue Next button. Now click the ‘Forgot password?’ link. At this point, you may have alternate ways to recover your account access, depending on whether you have a smartphone with the Google app installed, have 2-factor authentication enabled on your Google account, or have a recovery phone number or email address previously setup. Follow the on-screen instructions (you may need to use the link that says “Try another way” till you find a way that works to recover access to your account). If you use another email service, follow their instructions to recover and reset your password. Be sure to use a long password that you can remember (or write it down or use a password manager app).

people-looking-at-laptop-screen-image-from-shutterstock

Once you’ve regained access to your email account, you can start to go to your other online accounts and reset their passwords. Start with your Microsoft account (if your computer uses Windows), or Apple account (if you use a Mac) and then move onto any online shopping destinations you’ve used, such as amazon.com, target.com, walmart.com, etc. Do as many as you can remember using. Also contact any other entities where you have online accounts setup, including your internet or cable TV service provider, utility companies, membership sites – anything else you can remember without having to use your compromised computer. You can do most of this online, using the forgotten password feature of their website. For some, you may be better off calling them (if they are a business with a physical location and phone number you have).

A word of warning: do not reset all those passwords with a common replacement, or one that’s too short. 15 or more characters is the way to go, following each online sites’ password complexity rules. Each website or app should have its own unique password. You can write all of these down, or use a good password manager app.

Advertisement

Now take another deep breath. When you are calm, contact your local police, the F.B.I. or other law enforcement agency for your locality, and file a crime report. Give them as many details as you can remember, phone number or website of the hacker that you called, when it happened, and what other actions you’ve already taken. It may not do any good in terms of catching the hacker, but at least you’ve reported the crime. This may help if you need to make an insurance claim. After that, contact your friends and family and let them all know you’d been hacked, so they won’t fall for any of the hacker’s attempts to use your online identity to scam or hack them as well. I recognize this may be embarrassing, but you don’t want anyone else to fall victim by someone using your identity to gain their trust.

credit-bureau-logos

At this point, you’ve done almost as much as you can do to recover access and protect your online identity. One thing you should consider is to sign up for credit and identity monitoring through one of the three major credit bureaus:  EquifaxExperian or TransUnion. This can help to protect your credit rating, and let you freeze your credit account so the hacker can’t apply for credit cards or loans with your stolen identity. See my article Safe Digital Life for links and tips.

Now you can consider cleaning up your compromised computer. Unless you are very computer-savvy, give serious consideration to hiring someone to do this for you. Only hire someone trustworthy, and someone who can physically take your computer to both work on and document what’s been compromised. If you are determined to do this yourself, here are some tips:

  1. Before you turn it on, make sure it can’t access the internet. If you are using wired Ethernet, unplug that cable. If you’re using WiFi, turn off/unplug your router temporarily. When you’re sure your computer won’t be connected to the internet, power it up and log into your user account. If you were using WiFi, turn off that function in the computer before you re-power your router (for other people’s use).

2. With the computer not connected to the internet, look for any apps or programs that were recently installed, especially remote access apps like RDP, RAT, TeamViewer, UltraViewer, etc. Uninstall them (there may be multiple types or copies).

3. Get a clean installation file of Malwarebytes (download to a thumbdrive) from another computer. Install that on your compromised computer and scan your system to find and remove any malware.

4. Your personal files may have been moved to a hidden folder, or simply deleted. Look at hidden desktop icons and the recycle bin to see if you can locate them, then move them back to your personal folders.

Depending on what the hacker did to your system and files, there may be a lot of other ‘remediation’ efforts needed to restore your computer back to normal – you have to really inspect your system to not only fix issues but also catalogue your personal information on the hard drive. The hacker almost certainly has offloaded most or all your personal files, so they can continue to mine your files for other ways to misuse your identity, or other critical information on your hard drive.

panic-button-graphic-from-shutterstock

I wish I could say that’s the end of it, but you need to not only take action now, but also be watchful from now on for fraudulent use of anything that was on your computer’s hard drive. Don’t panic, but do treat this situation with the seriousness it deserves. Give serious consideration to improving the security of your digital life. See my article Safe Digital Life for tips.

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via Click to send money via Venmo to @positek or Click to send money via Paypal to Support@positek.net. Thank you!

Go to Top of Page

2 Comments

  1. I had suffered setback because of low credit score for so long; all my efforts to get my credit back on track had been futile. I met (redacted) through a family friend during my Grandpa’s funeral on February, at first I was hesitant to work with him; I thought it was too good to be true. After days of careful deliberation of his services with family, I decided to hire his services (remainder redacted).

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.