I’ve Been Hacked – What Do I Do?

hacker-with-code-superimposed-image-from-shutterstock

I’ve Been Hacked – What Do I Do? A reader asks…

I fell for it, had a computer problem and gave someone remote access to my computer to fix it. Now my files are disappearing, I can’t get into my email account (wrong password), and I’m seeing purchases I didn’t make on my credit card. What do I do now? My computer isn’t connected in any way with my employer, so this is affecting just my personal life.

First, take a deep breath. Now, shut off your computer and leave it off for now. That keeps the hackers from continuing to access your computer. Likely, they’ve already hoovered up all your personal data and saved passwords to online accounts, but this important first step helps to limit the damage. The rest of this article outlines actions you should take as soon as you possibly can, and time is of the essence. The longer the hacker has access to your personal information, the more they can compromise you – locking you out of your own accounts, stealing your money, and misusing your online identity.

Now, you need to call all your financial institutions and let them know you’ve been compromised. Not just the credit card the hackers have been using, but all your credit cards- each will freeze your current account and mail you replacement credit cards. You might even find that the money they’ve already stolen from you gets returned. Credit card companies are usually pretty good about not charging the cardholder for fraudulent purchases, as long as they’ve been notified in a timely matter. Also contact your bank(s), investment companies and anyone else where you have monetary assets – report that you’ve been hacked. This helps to stop the hackers from stealing your money as the companies will be watching for suspicious transactions.

Next, you need to use a clean or unhacked computer (yours or a trusted friend’s) or device (smartphone or tablet) to try to regain access to your email account(s). This is very important since so many online entities use your email address as a way to reset passwords or regain access. For your Google/Gmail account, go to https://google.com and click blue Sign in button. Fill in your Gmail address, and click the blue Next button. Now click the ‘Forgot password?’ link. At this point, you may have alternate ways to recover your account access, depending on whether you have a smartphone with the Google app installed, have 2-factor authentication enabled on your Google account, or have a recovery phone number or email address previously setup. Follow the on-screen instructions (you may need to use the link that says “Try another way” till you find a way that works to recover access to your account). If you use another email service, follow their instructions to recover and reset your password. Be sure to use a long password that you can remember (or write it down or use a password manager app).

people-looking-at-laptop-screen-image-from-shutterstock

Once you’ve regained access to your email account, you can start to go to your other online accounts and reset their passwords. Start with your Microsoft account (if your computer uses Windows), or Apple account (if you use a Mac) and then move onto any online shopping destinations you’ve used, such as amazon.com, target.com, walmart.com, etc. Do as many as you can remember using. Also contact any other entities where you have online accounts setup, including your internet or cable TV service provider, utility companies, membership sites – anything else you can remember without having to use your compromised computer. You can do most of this online, using the forgotten password feature of their website. For some, you may be better off calling them (if they are a business with a physical location and phone number you have).

A word of warning: do not reset all those passwords with a common replacement, or one that’s too short. 15 or more characters is the way to go, following each online sites’ password complexity rules. Each website or app should have its own unique password. You can write all of these down, or use a good password manager app.

Advertisement

Now take another deep breath. When you are calm, contact your local police, the F.B.I. or other law enforcement agency for your locality, and file a crime report. Give them as many details as you can remember, phone number or website of the hacker that you called, when it happened, and what other actions you’ve already taken. It may not do any good in terms of catching the hacker, but at least you’ve reported the crime. This may help if you need to make an insurance claim. After that, contact your friends and family and let them all know you’d been hacked, so they won’t fall for any of the hacker’s attempts to use your online identity to scam or hack them as well. I recognize this may be embarrassing, but you don’t want anyone else to fall victim by someone using your identity to gain their trust.

credit-bureau-logos

At this point, you’ve done almost as much as you can do to recover access and protect your online identity. One thing you should consider is to sign up for credit and identity monitoring through one of the three major credit bureaus:  EquifaxExperian or TransUnion. This can help to protect your credit rating, and let you freeze your credit account so the hacker can’t apply for credit cards or loans with your stolen identity. See my article Safe Digital Life for links and tips.

Now you can consider cleaning up your compromised computer. Unless you are very computer-savvy, give serious consideration to hiring someone to do this for you. Only hire someone trustworthy, and someone who can physically take your computer to both work on and document what’s been compromised. If you are determined to do this yourself, here are some tips:

  1. Before you turn it on, make sure it can’t access the internet. If you are using wired Ethernet, unplug that cable. If you’re using WiFi, turn off/unplug your router temporarily. When you’re sure your computer won’t be connected to the internet, power it up and log into your user account. If you were using WiFi, turn off that function in the computer before you re-power your router (for other people’s use).

2. With the computer not connected to the internet, look for any apps or programs that were recently installed, especially remote access apps like RDP, RAT, TeamViewer, UltraViewer, etc. Uninstall them (there may be multiple types or copies).

3. Get a clean installation file of Malwarebytes (download to a thumbdrive) from another computer. Install that on your compromised computer and scan your system to find and remove any malware.

4. Your personal files may have been moved to a hidden folder, or simply deleted. Look at hidden desktop icons and the recycle bin to see if you can locate them, then move them back to your personal folders.

Depending on what the hacker did to your system and files, there may be a lot of other ‘remediation’ efforts needed to restore your computer back to normal – you have to really inspect your system to not only fix issues but also catalogue your personal information on the hard drive. The hacker almost certainly has offloaded most or all your personal files, so they can continue to mine your files for other ways to misuse your identity, or other critical information on your hard drive.

panic-button-graphic-from-shutterstock

I wish I could say that’s the end of it, but you need to not only take action now, but also be watchful from now on for fraudulent use of anything that was on your computer’s hard drive. Don’t panic, but do treat this situation with the seriousness it deserves. Give serious consideration to improving the security of your digital life. See my article Safe Digital Life for tips.

This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:

Click or tap to open a new browser tab or your Venmo app and send money via Venmo to @positek(@PosiTek)Click or tap to open a new browser tab or your Paypal app to send money via your Paypal account to support@positek.net (Support@PosiTek.net)Click or tap to open a new browser tab or your Paypal app to send money using your credit card to support@positek.net (no Paypal account required)using any credit card
or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!

9 Comments

  1. I had suffered setback because of low credit score for so long; all my efforts to get my credit back on track had been futile. I met (redacted) through a family friend during my Grandpa’s funeral on February, at first I was hesitant to work with him; I thought it was too good to be true. After days of careful deliberation of his services with family, I decided to hire his services (remainder redacted).

  2. A bad credit score is a financial grade that adversely affects not only your finances but also your employment opportunities and professional relationships. It’s important to fix it right away before your situation worsens.

  3. Sam Mosley

    You actually have dozens of different credit scores and the only one that matters is the one your lender is looking at.
    My request to get a loan to purchase a car got denied by my lenders due to my low credit score on experian and fico.
    The amazing thing is I got referred to [redacted] by a popular credit company called [redacted]
    because they could not get my credit boosted to what i wanted . i am so glad i got his contact because he changed my life
    with a month by removing all the bad items on my credit and giving me a score of 800 on all bureaus . Dont miss out on this
    great opportunity if you intend getting your credit fixed .

    • Hi Sam, thanks for your comment. I cannot pass along your recommendation as I suspect that the service you got was not legal. While the credit company you referred (although you misspelled, so who really knows) is a valid company, the email address you provided was not for a “popular credit company” – that was a personal email address you mentioned, so no way to find out if they are legit.

      I would never recommend anyone use shady services for anything. Credit repair is a process and takes time and effort to accomplish. Anyone claiming (or even doing) that instantly is not working on the legit side.

      You may have gotten what you wanted and paid for, but I suspect fraudulent activity made it happen.

  4. James Dickson

    I got my credit score been repaired and fixed by this man who helped me in erasing all the credit deficit and wipe away all the credit debt off my credit report. just get to him via [redacted]

  5. Kellie Tinhall

    I invested my all life savings into a crypto currency investment and lost every penny i put into it. I remember how depressed i got and contemplated

    suicide because i had some loans to pay up. i almost gave up until i read some good reviews about this great recovery expert.

    i explained all that happened and within few days he was able recover every coin i lost into that crypto website .

    guys reach out to [redacted] if you have lost any type of funds to these scam websites or romance scam .

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.