IThere’s nothing scarier in the modern era than being hacked. So much of our lives and lifestyles are tied to the Internet, and turning the computer on one day to discover that you can’t log in to your email or social media accounts because a hacker has gained access to them is an incredibly stressful experience.
If this has happened to you, take a deep breath, and work quickly, but calmly. The damage is unlikely to be as bad as the worst-case scenarios your brain is currently screaming at you.
The first thing you need to do is get access back to every compromised account, and immediately change the passwords to something entirely new. Most online accounts have some kind of restore process, however, if the hacker has changed the restore details (for example, the backup email for password resets from yours to theirs), then you might need to contact the service provider for more information on how to get control back.
Once you’ve got access to your account back, immediately switch on two-factor authentication, which will send your phone (or other nominated device) a code when you try and log in. Unless the hacker has control of your phone as well, then, simply having the password to your accounts will no longer be enough to access them.
Once the immediate danger is passed, the next steps are to go through and determine how the hacker was able to gain access, as well as re-secure the IT environment. You’re going to want to do everything from installing new anti-virus and anti-malware software to check your PC to see if there’s a keylogger or other similar program that a hacker is using to collect your passwords, through to changing the name of your WiFi Internet, so the hacker can no longer find which Internet connection is yours.
In most cases, hackers rely on people making simple mistakes and clicking on the wrong attachment in the wrong email, or leaving their home network wide open and unsecured by not considering the security of the router itself. The stories of hackers brute-forcing their way into your computer and accounts is greatly over-exaggerated – unless you’re a high profile politician, CEO, or celebrity, you’re not going to catch the attention of those kinds of hackers.
Depending on what accounts the hackers got access to, the final steps are an ongoing concern; you need to keep an eye out for the impact of the hack. Firstly – tell your friends and family, and those on your social networks. This is important because the hacker might use the information they’ve found on you to target those in your circle next.
Then look back through your more critical emails and any interactions you might have had with government agencies, employers, or banks. Assume that the hackers downloaded all of your email data (which, if you act quickly enough, is unlikely, but prepare for the worst), and therefore assume that if you provided your tax file number or credit card details, then it’s likely the hacker has those.
What you need to do is immediately contact any organization you have credit with to let them know and put a mark on your file. Consider canceling all credit cards and getting new ones issued.
Contact credit reporting agencies
Contact all the major credit reporting agencies, and ask them to put a freeze on you. They’ll give you a password or other details that you can use to unfreeze the account, and whatever you do, don’t lose that. As long as your account is frozen, any applications for credit will be immediately declined, and this means that if the hacker has enough information on you to apply for credit, then they won’t be successful thanks to the freeze.
Just make sure you don’t lose the password provided to you by the reporting company, else you’ll never be able to access credit again. By staying calm and working methodically, you will be able to mitigate against the damage that a hack does to you, and prevent it from happening again in the future. It’s those that panic that ends up making even greater mistakes and that simply benefits the hackers.