Have I Been Hacked? How to Find Out and Protect Yourself

Table of Contents

It seems like everyone is getting hacked these days. You may be feeling left out if you haven’t been!

The reality is that you have likely been hacked in some way… even if you don’t know it.

We’re exploring how to tell if you’ve been hacked, what to do if you’ve been attacked online, how you might be encouraging the attacks and how to protect yourself.

How to tell if you’ve been hacked

Have you been hacked? Sometimes, it’s obvious… your phone won’t start or your computer is missing files. Other times, it’s more subtle.

We’re sharing how to identify if your email, social media account, mobile device, computer, or banking account has been jeopardized. 

Email hacking

In your Apple or Google email settings, you’re able to check the physical locations where your account has been logged in. If you check the locations and see someone logging in from another state or country, that likely means you’ve been hacked.

You can check for yourself at sites like https://breachalarm.com/ and www.Haveibeenpwned.com.

Social media hacking

Social media accounts reveal hacking through sign-in locations. If your social media account password or email changes without your knowledge, you’ve almost certainly been hacked.

Same goes if:

    • Your name or birthday changes

 

    • Friend requests were made to people you don’t know

 

    • Messages have been sent from your account that you don’t recognize

 

  • Your account published posts you’ve never seen before

Mobile device hacking

Your mobile device might be hacked if you start to see unfamiliar apps installed. If your phone dies too quickly, that might indicate malware running in the background and using up your battery.

Or, you may get unexpected packages sent to your home. All of these symptoms suggest mobile device hacking.

Computer hacking

It’s virtually certain that your computer has been hacked at one point or another without your knowledge. PCs, in particular, have been attractive targets for viruses and malware for at least two decades.

How do you know your computer has been hacked? Sometimes, it’s clear. Maybe it won’t start or your files are frozen by ransomware.

Other times, computer hacking is more subtle. For example, say your computer seems sluggish. You might have malware on your system that’s slowing you down but still enabling you to use the machine.

Examples include crypto-currency “mining” software and various forms of spyware that watch where you browse in order to send you spam messages.

Banking hacking

Banking systems are typically harder to hack, but it certainly still happens.

Signs of bank hacking include unknown charges and fund transfers, but there are other early warning signs. If you don’t receive a statement in the mail on its expected date, that is a cause for alarm.

Steps to take after being hacked

So you’ve been hacked. There are several steps you should take to mitigate the attack and get your devices back on a safe track.

Reinstall your operating system

If you have been hacked, you need to reinstall your operating system (OS).

Backup services like Carbonite can be extremely valuable in this scenario. If you have to start over, they will have a fresh copy of your data ready for download. Along with hacking protection, backup servies are also useful for basic computer crashes that can disrupt your life.

Change your passwords

Another crucial step to take is to change your passwords…. all of them. Hackers usually need continued access to your accounts, so cut them off while you still can.

When changing your passwords, varying passwords between accounts and devices is a good practice. This can be tedious to do, but it’s worthwhile.

Passphrases can also work well.  With a passphrase, you create a long, hard-to-guess password out of a phrase.

For example, if the Beatles is your favorite music group, you could have a password like “herecomesthesun”. You can make that passphrase even stronger by using combinations of letters, numbers and punctuation marks… like “herec0me5the5un!”

Some people start with a basic passphrase for one account and add characters so it’s different for each additional account. For instance, if your passphrase is “herecomesthesun”, maybe you would make it “fb$herecomesthesun” for Facebook, “tw$herecomesthesun” for Twitter, and so forth.

This helps protect you from brute force attacks and random guesses.

Try using a password vault like LastPass. LastPass allows you to store all of your different passwords in one vault for easy account access.

When changing your passwords, varying passwords between accounts and devices is a good practice. This can be tedious to do, but it’s worthwhile.

Regularly scan your computer

It’s a good practice to scan your computer regularly for malware or viruses. This won’t catch everything, but it can help a lot. Similarly, it’s wise to keep an eye on financial accounts.

With new passwords and a new system, you can get your accounts back to normal.

What does “being hacked” actually mean?

One problem with hacking is the overly dramatic image that’s been built around this activity in the media.

hacker in guy fawks mask

The idea is that hackers are “bro” dudes in hoodies banging away at keyboards in dusty basements. When they use their evil genius minds to breach our defenses, their monitors light up and the timer on the nuclear warhead starts counting down… 10, 9, 8, 7…

In reality, hacking is a lot less glamorous. In fact, the very best hacks are so skillfully done that the victim doesn’t even know they’ve been compromised.

In our experience, we see a few broad types of hacking that you should understand if you want to stay safe:

  •  Espionage hacking. Many hackers work for governments (either directly or indirectly). Their activities are intended to steal information that might be valuable from an espionage point of view. Examples include Chinese Intelligence’s theft of American weapons designs and the breach of the US Government’s Office of Personnel Management.
  • Disruption hacking. A hack is often designed to interrupt the activities of life. This can occur at the personal level, where someone makes your phone go dead or in corporate or government spheres. The Sony Pictures Hack offers an example. In this case, North Korean agents caused embarrassment and business disruption at a movie studio that was releasing a film they considered insulting to their country.
  • Crime related hacking. Hacking for profit is one of the biggest threats we all face. Typically, a criminal hacker is trying to steal data that is valuable enough to be sold on the “Dark Web,” which is a sort of global online black market. Hackers can sell personal information, credit card numbers, corporate system log-ins, trade secrets and so forth to other criminals who use them to make money.

One distinction worth making is between hacks that target your personal devices versus those that target your data when it’s situated elsewhere. Chances are, you’re subject to both, but the motivations and consequences are different.

Personal device hacks

Your personal devices are likely riddled with malware. It is invisible and may not even interfere with your life very much. Malicious actors might be using your device to mine for cryptocurrency or to serve in a botnet.

In some cases, the hacker is after you, specifically, perhaps to impersonate you or find out confidential data about you. Or, they could target you (and many others) with ransomware. In this type of attack, the hacker implants malware that locks up your files until you pay a ransom, usually in Bitcoins.

Personal account hacks

In another scenario, an account you control gets hacked, even if it’s not on your device. This can happen with banking, email and social media accounts, where hackers take over your account to send spam emails or trick your friends into sending them money or divulging personal information.

Data about you sits on innumerable computer systems, vulnerable to breach. If you’re an American adult, your data was stolen in the notorious Equifax breach. Your personal data was also probably stolen in hacks against Target Stores, Home Depot, and others.

As James Comey, then head of the FBI, once said, “There are two kinds of corporations in the United States: Those who have been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese.”

Foreign intelligence services have been vacuuming up data about Americans for years. The only reason it isn’t a more serious problem for consumers is that the data is being used for intelligence, not criminal purposes.

people working computers and mobile

6 ways to protect yourself from future hacking

We make ourselves needlessly vulnerable to hacking. Bad habits include:

    • Using the same passwords across multiple accounts

 

    • Overusing a single email

 

  • Being overly trusting of public Wi-Fi

You can get yourself into cyber trouble by downloading strange email attachments, clicking on unsafe links (or links that look normal but are actually traps), downloading free software that seems too good to be true, and shopping on unsecured sites.

All of these behaviors expose you to risk, as does not encrypting your data or storing credit care information online.

You have the ability to stop hackers, or at least make things a lot harder for them. To do this, keep in mind the following steps:

    • Prioritize email and password security

Use strong passwords or phrases. Make sure your security questions are not easily guessable.

    • Update your software regularly

Developers add security features and patches over time, so make sure your apps and software is up to date.

    • Be careful about your online behavior

Secure browsing practices are recommended, like looking for the “Secure” indication on sites that you visit and especially sites where you shop (On Chrome, it looks like a little green padlock).

    • Don’t trust Public Wi-Fi for sensitive work

Using public WiFi opens you up to a multitude of threats – yet 75% of people admit to checking their email on a public connection.
To avoid threats, never use public Wi-Fi to shop, use your credit cards, log in to banks or financial institutions, or any other sensitive sites.
Also, monitor your Bluetooth connection when in public places.

    • Monitor what you share on social media

Social sharing can expose you to risk. When hackers can learn details of your life, they can impersonate you.

For example, what’s your mother maiden name? Some Facebook profiles literally spell this out for hackers to steal. Physical safety is also a consideration here… if you post about your vacation, you could be telling burglars you’re not at home.

Careless oversharing on social media can also increase your risk of being the victim of a social engineering attack. These attacks might involve a hacker impersonating a friend or coworker in order to manipulate you into disclosing private information, login credentials, or even sending money.

    • Be aware of “grandparent hacks”

Older people are frequently targeted in so-called “grandparent” hacks.

In a grandparent hack, the hacker identifies a younger persons age and name on social media. They use this information to contact their older family member, claiming to be the grandchild. The hacker will make a claim like mentioning they are stuck in a foreign city and need a wire transfer to get home.

Be aware of attacks like these and be careful about the information you share on social media.

Takeaways

You will be unable to avoid some hacks, but your level of vulnerability much of the time depends on how well you secure yourself. The trick is to adopt strong security habits and avoid situations where you open yourself up to risk.

By learning to prevent what’s avoidable, you can mitigate most of what’s inevitable.

 

data protection and anti theft

Hugh Taylor

Hugh Taylor

Hugh Taylor is a Certified Information Security Manager (CISM) who has written about cybersecurity, compliance, and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google, and Advanced Micro Devices. He has served in executive roles at Microsoft, IBM, and several venture-backed technology startups. Hugh is the author of multiple books about business, security, and technology