Cyber security tips
Woman sitting at her computer, looking at the screen with scrutiny.

I’ve been hacked, what do I do?

With new technology regularly emerging, the internet can be a daunting place. Regardless of your level of security or technology expertise, you might eventually have the misfortune of being hacked at home or at work. The more quickly you can identify something is wrong and take action, the more likely you are to lessen the impacts.

Signs you’ve been hacked

Online accounts and services

  • Your family and friends let you know they’ve received weird or unusual message or invitations from you that you definitely did not send.
  • Using your correct password won’t work for one or more of your accounts and you did not recently change it.
  • You receive alerts or notifications of login to websites when you know you didn’t log in on those instances.
  • You receive email confirmations of profile or account changes that you did not make.

Mobile devices or computers

  • You receive an alert from your antivirus program telling you that your system is infected. (Double check the alert by opening your antivirus program manually, to ensure it is really your antivirus and not a random pop-up window from a website urging you to install something.)
  • Unwanted new pages/tabs appear at random while you’re using your web browser, or you are often redirected to other pages you weren’t seeking out.
  • You receive a pop up saying your computer or device has been encrypted and a ransom must be paid in order to regain control.

Financial accounts or credit cards

  • Unknown, suspicious charges or transfers appear on your statement that you did not authorise.

What to do? Take back control!

If you believe you have been hacked, try to keep calm. It’s great you’ve identified it, and now it’s time to take back control.

For a suspected hacking in the work environment, report it to your manager or IT team as soon as possible – they’ll take control and will advise you of any actions they would like you to take.

With personal devices and accounts:

  • Recover online accounts. If you still have access, log in from a trusted device/computer. Reset your password with a strong and unique, completely new password. If you previously did not have multi-factor authentication (MFA) turned on, enable it. If you don’t have access, contact the website or service and let them know your account has been compromised and request recovery assistance. For any accounts you have that shared the same password, be sure to change them to unique passwords immediately.
  • Recover personal devices or computer. If your antivirus program is not successful in fixing the infection, or if you’d prefer to be more confident your system is safe, consider wiping and reinstalling the operating system. If the device is old, it might be the right time to replace it with a new one.
  • Financial accounts and credit cards. Call your financial institution right away, using the published contact on their website or the one printed on your card. The sooner you notify them, the more likely you’ll be able to recover your funds. Following recovery, be sure to keep a close eye on your transactions and enable transaction notifications if available.

You can also report cybercrimes from the business or personal environment to help the relevant authorities to disrupt cybercrime operations. In Australia, report to ACSC ReportCyber, and Action Fraud in the UK.

How to stay ahead of cyber attackers

Here are a few key steps you can take to increase your online security:

  1. Ensure all your devices and systems have the latest updates applied by turning automatic updates on.
  2. Use strong, unique passwords for each of your accounts and manage them with a password manager. Most services now offer MFA, ensure it’s set up and enabled.
  3. Remain sceptical at all times – be aware of the manipulation techniques used in phishing emails.
  4. Safeguard your data both online and offline (is anyone looking over your shoulder?) and limit your account logins to trusted devices.
  5. Be cautious of public Wi-Fi and if necessary, only connect to unknown networks through a VPN.

MyEmpire Group helps businesses stay fortified online. Contact us to discuss how we can help you improve your organisation’s risk posture.