Whether you’ve been hacked, phished, had malware installed, or simply don’t know what occurred but someone is all over your e-mail, there are a few solid first actions to take after an occurrence. This isn’t a complete list, but it’s an excellent place to start.
Ask Yourself Why?
While you’re repairing things, take a step back and ask yourself a more fundamental question: What was the cause of the breach? If the question was about your bank account, the answer might be self-evident. In other circumstances, such as e-mail, it could be for a variety of reasons, such as sending spam, asking money from contacts, or resetting passwords on other sites. An attacker could be attempting to obtain access to your company. Knowing why you were targeted might sometimes assist you in figuring out how you were hacked.
Passwords Must Be Reset
Change the password on the impacted service, as well as any other services that use the same or similar password. Also, don’t use the same password twice. As part of routine maintenance, you should change your passwords on a regular basis. However, if you’ve recently been hacked, it’s even more critical. This is especially true if you reuse passwords or employ password schemes that produce passwords that are similar (like Google@123, Test@123, Facebook@123).
Password reuse is one of the most heinous crimes, and it’s quite difficult to avoid. Sites can impose password requirements, such as character length or the inclusion of symbols and numbers in the password, but they can’t force consumers to avoid reusing the same or similar passwords. “It’s fairly normal for people to use similar or the same password, but it’s extremely rare for them to recognise that doing so makes them liable and that they need to change their password once they’ve been hacked.”
Scan and update
It’s possible that the attacker gained access to your system through your computer. Almost all malware is installed by the victims themselves, even if they are unaware of it. Also, if you have a virus on your computer, you must remove it before beginning the recovery process. Make sure you have the most recent version of your operating system installed. Run a scan for malware and viruses that may have been the source of the attack with a good anti-virus programme. Do it right now since it’s the most basic thing you can do. Furthermore, employ a branded commercial programme that you have paid for.
Take control of your account.
Most major online services have mechanisms in place to assist you in regaining control of your account once it has been hijacked by someone else. Typically, you’ll need to be able to answer some account-related inquiries. Facebook uses a unique mechanism based on friend verification. Do you use a service that isn’t listed here? You can usually get back in by searching for the company’s name with “account recovery.”
Backdoors should be investigated.
Hackers who are astute will not only gain access to your account, but will also put up tools to ensure that they can re-enter once you’ve gotten them out. Once you’ve regained access to your accounts, check to see if there’s a back door anyplace that could allow an attacker back in. Examine your email rules and filters to ensure that nothing is being forwarded to another account without your permission. Check to see if the answers to your security questions have changed, as well as the questions themselves.
Pay attention to the money.
If the impacted account has a commercial component, thoroughly evaluate every activity on that account. Check that your account hasn’t been updated with any new shipping addresses, payment methods, or accounts. This is especially true of sites that allow you to purchase items with a single click or issue payment cards.
Attackers carry out their actions for a reason. If we’re talking about hacking your Bank of America or PayPal account, the motivation is clear: they want your money. Criminals will frequently attempt to link your account to a debit card. It’s a mechanism for them to monetize if they add an address and then request a financial instrument.”
Perform a security audit on all of the accounts that are affected.
One account is frequently used as a portal to another. Your Dropbox account can only be a way to access something you’ve saved there. Your e-mail account may only serve as a gateway to your online banking account. You must not only secure the account that has been hacked, but also all the ones that it has touched. Reset your passwords for such services and treat them as if they were stolen.
All Those Apps Should Be De-Authorised
This is one of those processes that isn’t immediately obvious but is crucial. If your account has been compromised, one of the first things you should do is de-authorise all related apps that use that account for login or social graph. Google, Twitter, Facebook, Dropbox, and a slew of other companies, for example, support OAuth, which allows third-party apps to access account APIs without requiring them to provide account login credentials. However, if a hacker has used it to authorise another device or service and is still logged in, changing your password will not allow them to leave.Even after recovering access to your account, there could be a rogue client out there that you are unaware of. The best course of action is to turn off everything you’ve given access to. Going back through and re-authorizing them may be inconvenient, but it’s preferable to having a malicious individual lurking in your account. In any event, doing so on a regular basis is merely excellent hygiene.
Secure Your Credit
It’s bad enough that your email was hacked; you don’t want your identity to be stolen as well. For a cost, services such as LifeLock will do this for you, but you may also do it yourself by calling the three major credit reporting agencies. Locking down your credit may be free depending on your state, as long as you’ve filed a police complaint.
Let’s imagine your Facebook account is hacked. “There’s a strong chance you won’t lose any money, but your friends might,” says the author. There may be facts that you need to notify people about, ranging from financial information to sensitive personal information.
But there’s another reason to do it, which is the same as the motive for writing this article: to raise awareness. The ideal strategy is to do everything you can to avoid being hacked, including keeping your software up to date, practising excellent password hygiene, and backing up your entire system.