Whether it’s a social media account or bank account, it seems that almost everyone gets hacked at some point or another. This article will explain the basics of an increasingly common issue: hacking. It will define the term in the appropriate context, explain how unauthorized users gain access to others’ devices and accounts, and go over some of the most common signs that your resources are likely to have been compromised. It will conclude with a discussion of important things readers should do if they suspect or know that their account was hacked.
What Does “Hack” Mean?
The word “hack” has several different meanings, even within the realm of information technology and security. In this context of this article, hacking is the act of gaining unauthorized access to a device, network, or account. The people attempting to gain this access will be referred to as an unauthorized user, to avoid the term “hacker”.
How Do People Hack Accounts and Devices?
There are many ways someone can hack into an account. Some require technical prowess, while others are as simple as watching someone type out their password. Here are some common examples of how a resource may be compromised:
Phishing
Phishing occurs when a victim is tricked into taking action based on the contents of a malicious email or other message employing social engineering techniques. In some cases, that action might cause the victim to install spyware or malware on their device. Phishing email often encourages the victim to act quickly. Not everybody will be fooled by this approach, but so long as some are, the unauthorized users have what they want.
Keyloggers
Keyloggers are malicious pieces of software that capture the sequence of key strokes as a victim types on their keyboard. The keylogging software could have been installed by the victim after being tricked by a phishing email or a phone call from a person masquerading as a helpful technical support person.
Eavesdropping
An unauthorized user might be able to listen in on your network communications through compromise of the network devices that your Internet access pass through. In some cases, this may be because the unauthorized users have tricked you into connecting to their malicious WiFi access point with a network name similar to a WiFi service that you expect to see, e.g. “FreeCoffeeWiFi”.
Data Breach
A service you use may have their systems breached and data exfiltrated, either due to an exploited security bug or use of poor security practices. A data breach may expose your personal information or your credentials on that site. Some high profile data breaches are covered in the mainstream press. Sites such as Have I Been Pwned (https://haveibeenpwned.com/) can be used to search if your email address has been compromised as part of a known data breach.
Password Guessing
If your email address is visible in your social media profiles or similar, you’ve already provided the unauthorized user with one of the two pieces of information that may need to guess. If you have chosen a commonly used password, then the unauthorized user might be able to use special software tools to try commonly used passwords to gain access to your account.
If an unauthorized user attempts this method and is unsuccessful, the service may send you an email to notify you of failed login attempts.
Signs You’ve Been Hacked
There are several red flags you should be aware of that may mean you’ve been hacked. Further, different accounts may have unique signs of hacking that others don’t, such as a social media profile versus an email account. As such, it’s important to not only understand what these signs are, but also to act on them when you see them. If you become aware of any of these symptoms, further investigation is recommended.
Unfamiliar Messages Sent from Your Accounts
If there are messages you don’t remember sending from your account or device, it could mean that you’ve been hacked. You should also be suspicious of nonsensical or spam-like messages that were sent from your account, or if someone else tells you they received a strange message from you.
Notifications of Atypical Account Access
If your accounts are compromised, they may be accessed by the unauthorized users from locations and devices that are dissimilar to how you access your accounts. Some services will notify you when an atypical access is noticed. For example, you may be notified of an access from Canada when you have only ever accessed the account from the United States.
Inaccessible Accounts and Devices
Being unable to access your account or unlock your device is one of the biggest warning signs that you’ve been hacked. If your password, email address, or security questions were changed — and you know for a fact that you didn’t do it — you’ve almost definitely been hacked.
Sluggish Devices
Be wary if your phone or computer becomes slower than usual, especially if this change happens suddenly. If there is any malware on your device, it can significantly slow things down. A more quickly-draining battery or a warmer device can also indicate that malware is running in the background.
Out-of-Control Devices
Any activity that you personally did not initiate may indicate that your account or device has been compromised and is under the control of another person or process. These suspicious activities include:
- Programs or applications that open randomly
- Device restarts from out of the blue
- Devices waking up or turning on without your action
- Browser tabs opening or redirecting to suspicious sites
- New browser toolbars installed
- Fake security/protection alerts, usually not showing the name of the security product vendor
- Pop-ups that your files have been encrypted by ransomware
- New apps are installed on your mobile device and you don’t remember installing them
What to Do If Your Account Has Been Compromised
Check Your Devices for Malware
See if there is any spyware, malware, or other programs that an unauthorized user may have installed on your devices to gain access. Use your anti-virus / anti-malware software to remove the malicious software as soon as possible and do so before resetting any passwords or making any changes; if any of this software lingers, they may be able to gain access all over again.
Reset Your Passwords
As soon as you think you may have been hacked, login to your account and change your password to something unique and strong. Before resetting your password, force all other devices to log out of that account, if the service provides that option. It might be annoying to log back in on your other devices, but this will ensure an unauthorized user’s sessions have been expunged.
If any of your other accounts use the same password (not the recommended practice!), then it is recommended to change the passwords on those accounts also. It might be time to consider using a password manager for generating secure passwords and storing them securely.
Use Separate Email Addresses and Phone Numbers
When your email account is hacked or your cellular phone number has been SIM jacked, your other accounts linked to these communications methods could become accessible to the unauthorized user. Consider using an app such as MySudo to create multiple digital profiles with their own email address and phone number. This will allow you to spread the risk and minimize the impact if any single email address or phone number is compromised. For example, if you have a Sudo profile for travel related services, then if those details are compromised, use of your social media, banking and other types of services remain secure and private.
Enable Multi-Factor Authentication
Multi-factor authentication adds an additional step in the authentication process on top of username and password. That additional step could be sending a code via SMS to the user’s phone number (or MySudo phone number) or use of an authentication app such as Microsoft Authenticator. When multi-factor authentication is enabled, an unauthorized user who steals/guesses username and password cannot gain access to your account. Unfortunately, not all services support multi-factor authentication.