Bad things happen to good people. And unfortunately as online hacking increases it is also true that bad things happen to social people. As more of us crowd online for the benefits “bad guys” are joining online as they see the social network as a network of victims for the taking.
It is best to work hard to actively protect your computer.
But even then bad things happen to good people. Reacting quickly to a negative event is important.
How do you know if your account has been hacked or highjacked?
- Are you seeing unexpected communications from your account?
- Are you getting replies from friends to messages you didn’t send?
- Are account changes occurring that you didn’t make or approve (like following, unfollowing, blocking, liking, etc.)
- Have you received notification that from your provider that you have recently changed settings (particularly passwords or email addresses associated with the account)?
- Have you received notification that you are logging onto another computer, when you are certain you are not?
If you think you’ve had an account highjacked it is best to start with the help or support site of the compromised tool. Many offer services to support users that have been hacked. I've listed some top firms here:
If you have had an account on another service hacked go to support or help or customer service. Search for their recepei to recover the account. Frankly, with some newer services the suppor just might not be in place yet for that sort of thing. Register with their suppor however they accept support tickets. And then google that service with the terms "hacked account" or "compromised account". Chances are you aren't the first. But only go to web if the information provided by your provider doesn't help.
Follow the instructions to recover your account. Depending on what has happened it might be a quick fix or it might be huge pain. Regardless do it quickly. The longer the compromise stays active the more damage can occur.
While you are recovering your account you also want to ask yourself the following questions:
Did I use a common password for the compromised account that I share with other accounts?
If you do, change all of your passwords. Use strong passwords and don’t reuse them sight to sight. If you don’t want to bother changing passwords your compromise just might grow from a seemingly benign social media tool like Facebook or Twitter into your work email, your bank account or something else of much greater value.
Is your anti-virus up to date?
If yes, scan your entire device. If no, update it and then scan your entire device. (If you are one of my highly social friends that is Mac-based stop snickering. Find an anti-virus program for your machine, update it and scan it. As the MacOs grows in popularity it is becoming a target for malware writers, too).
Did your compromised account connect to other services?
Services like Facebook Connect and Google’s Connected accounts can use your credentials to log into other services. Check to make sure those accounts were not connected to any other services, and if they were check to make sure nothing in those accounts has been compromised. Remember your mobile devices as well, if you have a device like an Android phone a decent amount of your personal data is backed up using those same credentials. This means that the attacker now has all of your phone contacts and any other information backed up with Google.
Are you certain your browser and its add-on components are up to date, patched and secured?
Check the security of your browser and its add-on components with Qualys BrowserCheck.
Is the information on your system backed up and easily recoverable?
If yes, good for you. This could have been a lot worse but at least you had all your important work in a place it could be recovered.
If no, count yourself lucky. Now go back your data up!