You’ve been hacked, now what?

Yes, it just happened to me. I was hacked! Dozens of my friends and family were wondering about the strange Happy New Year email they received from “me” a few days ago and immediately called or posted on my twitter feed that I had become a victim.

Unfortunately, cyber criminals are extremely persistent; sooner or later you may be compromised and that’s exactly what happened to me.HackingStat

Although I have followed many of the tips that I have been given to be cyber-safe both at home and at work, the thieves got into my world! It worries me to know that they might have access to my contacts, my emails, my documents and all the stuff I had saved on Yahoo. It really upsets me that they are just looking to damage data, infect computers, and steal information or whatever else they do. Big companies have been compromised, but what thrill do they get from hacking a simple public servant like me? Well, they are out there and there are even videos out there that teach people how to hack!

My friends and family are savvy enough not to click on any links or download any documents that look strange. However, not everyone is as suspicious.

Besides venting, I also want to provide you with some tips on what to look for and how to respond when you have been attacked. Remember, the faster you realize you have been hacked, and the faster you notify someone and respond, the less damage cyber criminals can do.

  • First, your anti-virus software generates an alert. The software should scan your computer every time you save, open or run a file. If it finds a virus on your system, your computer may have been hacked.
  • Second, your browser is taking you to unwanted websites or random websites open on your screen and you cannot close them. Sometimes cyber criminals will reprogram your computer to take you to websites you do not want to go.
  • Third, your passwords no longer work. Cyber criminals will often change your password after hacking your account so they maintain control of it.
  • Fourth, your friends or co-workers tell you they are receiving odd messages from your Facebook, Twitter or email accounts that you know you did not send.
  • Finally, you believe you may have accidently installed suspicious software. Sometimes you may click on software you did not mean to install, and now you believe you may have infected your computer.

Once someone knows your password, they can steal your identity or access all of your personal information, so make them hard to guess! Below are some tips for strong, secure passwords by ConnectSafely.

Never give out your password to anyone.* Never give it to friends, even if they’re really good friends.

Don’t just use one password. It’s possible that someone working at a site where you use that password could pass it on or use it to break into your accounts at other sites.

Create passwords that are easy to remember but hard for others to guess. Use paraphrases such as “I started 7th grade at Lincoln Middle School in 2004” and use the initial of each word like this: “Is7gaLMSi2004.” And make them at least a little different (by adding a couple of unique letters) for each site. On some sites you might even be able to type in the entire phrase.

PasswordsTipMake the password at least 8 characters long. Longer passwords are harder for thieves to crack.

Include numbers, capital letters and symbols. Consider using a $ instead of an S or a 1 instead of an L, or including an & or % – but note that $1ngle is NOT a good password. Password thieves are onto this. But Mf$1avng (short for “My friend Sam is a very nice guy) is an excellent password.

Don’t post it in plain sight: This might seem obvious but studies have found that a lot of people post their password on their monitor with a sticky note. Bad idea.

Consider using a password manager. Programs or Web services like RoboForm (Windows only) or Lastpass (Windows and Mac) let you create a different very strong password for each of your sites.

Don’t fall for “phishing” attacks. Be very careful before clicking on a link (even if it appears to be from a legitimate site) asking you to log in, change your password or provide any other personal information. It might be legit or it might be a “phishing” scam where the information you enter goes to a hacker. When in doubt, log on manually by typing what you know to be the site’s URL into your browser window.

Make sure your computer is secure. To increase security, make sure you’re using up-to-date anti-malware software and that your operating system is up-to-date.

I will leave you with a look back at the Cal OES Production Protecting Cybersecurity where we discuss how state governments and individuals can increase their online security and protect their information.

Give Us Feedback!

%d bloggers like this: