Let’s face it: the government undoubtedly knows everything about you. Have you forgotten your email password?
A criminal hacking group, on the other hand, will often want to monetize its unauthorised access as comprehensively as possible, and as early as possible, preferably before you hear about it, such as when the Capital One hack became public. What should you do if you discover you’ve been hacked?
If you believe you have been hacked or a company that is hosting your account has been hacked the most important thing you should do is change your passwords.
Before we get to what you should do, the real question is how do people know they’ve been hacked in the first place.
We all know that when a major hack occurs, the media goes wild. But the good thing about the media in this case, is that it keeps us informed. You often find ourselves checking the website of the affected service to see if you have been impacted. The one saving grace is that because you’re one of millions, the hackers may never get around to meddling with your personal information. Also, don’t expect your antivirus to defend you from a security compromise that occurs on a remote server.
Other exposures are more difficult to detect. Unexpected charges on your statement may be your first indicator that your credit card has been hijacked by a hacker. Always read credit card statements and make an effort to understand what each line signifies, even if it’s a minor one. Before making a large transaction, card fraudsters will make a few modest purchases to ensure the card is in good working order.
Your bank may notice fraudulent activity, deny the charges, and offer you a new card if you’re lucky. Of course, this is inconvenient because any automated payments you’ve set up will require the new number. Still, it’s preferable to allow hackers to use your credit card to book a Caribbean holiday.
Scammers can send spam or targeted email scams to your contacts using a hijacked email account. Worried phone calls from friends asking whether you’re genuinely detained in a Paris airport with no cash, or angry texts from people “you” have spammed, could be your first hint. An identity thief can also utilise your personal information to open credit accounts under your name that you are unaware of. You might only find out when a business refuses to open a new line of credit when you ask for it.
What Happens Next?
The easiest hack to deal with is credit card fraud. You are not liable for the fraudulent charges, and the matter will be resolved once the bank issues a new card.
It can be more difficult to regain control of a compromised email account. You’ll need to contact the email provider and show that you’re the rightful owner of the account. Of course, if the hacker changes your password, you won’t be able to contact the provider via your usual email. It’s critical to have multiple email addresses, each of which serves as an alternate contact address for the other.
You could be in trouble even if you didn’t use the same password. Consider the following scenario. What should you do if you forget your website password? You receive an email with a password reset link. If a competent hacker gains access to your email account, he or she will immediately look for additional accounts, such as social media, or, worse, shopping and banking accounts.
After you’ve recovered from an email account takeover, you should change your password on every site associated with that email address. A password manager will be really useful in this situation. Password managers make it possible and simple to use a unique random password for each account – at least once you’ve updated all of your old re-used passwords.
Help for Identity Theft
Organisations like Federal Trade Commission, Competition and Consumers Affairs Commission and Fair Competition Commission helps you report and recover from identity theft.
Identity theft in its most extreme form may be a nightmare. Victims often spend thousands of dollars over the course of weeks or months trying to regain control of their online identities and lives. The Federal Trade Commission has a great website with detailed instructions on how to proceed. The site recommends that you get your credit reports to examine what’s going on and file an official identity-theft report with the FTC, among other things.
The website then goes on to detail all you need to know in a step-by-step manner. It includes checklists, as well as example letters and paperwork, to ensure you don’t forget anything. You won’t go wrong if you use this helpful tool.
Won’t Get Hacked Again!
How can you ensure that you are not hacked, or that you are not hacked again? You’ve undoubtedly read a lot of stories since the Equifax attack advising you to freeze your credit, set up a fraud alert (which means you’ll have to go through extra verification procedures to create a new account), and so on. After all, the next major security breach is on the horizon; in fact, it may have already occurred. In the Equifax case, the real breach occurred months before it was detected.
When it comes to credit cards, there’s not much you can do except avoid buying at dodgy stores, both in person and online. The majority of physical businesses now accept chipped credit cards (though there are still holdouts). Chipped cards provide excellent security for in-person transactions, but they are ineffective for card-not-present internet purchases.
Mobile payment methods such as Apple Pay and Googly Pay are safer than traditional credit cards. Hackers gain nothing by obtaining existing transaction data since each transaction is assigned a unique number. You may also utilise the mobile payment system to make online purchases. Simply use a fingerprint scanner or a strong passcode to secure your phone and keep it with you at all times.
You may request a password reset on some websites by completing a few easy security questions. The difficulty is that the bad guys can usually Google the answers to such queries in a matter of seconds. If you have the option of defining your own security questions, do so, and make sure they’re tough—questions that only you could answer.
There are certain things you can take to protect yourself from a full-fledged identity theft. Never provide any information on a web form that isn’t strictly necessary. Make something up if it’s necessary but irrelevant, like your street address on a site that doesn’t ship to you. For paper invoices and statements, invest in a low-cost shredder.
Yes, there is some effort and vigilance required. However, it’s a little price to pay compared to the time and effort you’d have to put in if hackers stole your identity.
Support all your efforts by registering with Siccura Cybershield Programme, which not only provides awareness but keeps you digitally safe.