This morning I received an email proposedly from a friend. It was a very good example of the utter havoc that a friends phone / computer being hacked can cause.
1st email from a the friends email address.
How are you doing today?
I need a favour from you, i’m unavailable on phone, kindly let me know if you are online.
Await your swift response.
2nd email from an email address which is the same name but now with a new gmail account
I am sorry for bothering you with this mail, i need to get an Amazon gift card for my Niece, Its her birthday but I can’t do this now because I’m currently out of reach and i have a little issues with my amazon account, can you get it from any store around you or try buying online for me? I’ll reimburse you hopefully next weekend.
Waiting to read back from you
At this point, having now come fully awake, alarm bells rang. They should have been ringing after the 1st email, but I plead lack of coffee. If I had continued to engage with my “friend”, the best outcome might have been that I would send an Amazon gift card £100 and lost the money, the worst might have been that my computer would have been infected as well….
What must have happened
First the hackers must have taken control of my friends computer or the email account. In this case, it was the computer. The most common ways are:
- Emails containing viruses and malware – This is one of the most popular methods of spreading malware hidden in an attachment in the email. Once the attachment is opened, the malicious software executes and/or downloads onto the computer that receives it.
- Emails with links to malicious websites – Often referred to as phishing these emails attempt to emulate legitimate emails from well-known organisations that the receiver would tend to trust such as a bank. The html links lead to fake websites which try and trick the user entering sensitive information such as passwords and banking details. Sometimes these websites also attempt to install malware, viruses or spyware on the recipient’s computer.
- Social networking pages – People tend to let down their guard and be less wary on social networking sites. With this method, a fake profile entices real users into following links to malicious websites or giving up sensitive personal information.
- A phishing scam that asks you to “confirm” your password. These types of scam emails can be convincing. But you should never respond to any unexpected message that asks you to verify your password, account numbers, addresses, or any other information of this kind.
Once a hacker has control of your computer, they can wander around at will and look at all your files, your stored passwords, your whole life….
What to do when you have been hacked
Isolate Your Computer
In order to cut the connection that the hacker is using to “pull the strings” on your computer, you need to isolate it so it can’t communicate on a network. Isolation will prevent it from being used to attack other computers as well as preventing the hacker from continuing to be able to obtain files and other information. Pull the network cable out of your PC and turn off the Wi-Fi connection. If you have a laptop, there is often a switch to turn the Wi-Fi off. Don’t rely on doing this through software, as the hacker’s malware may tell you something is turned off when it is really still connected.
Inform the National Fraud Intelligence Bureau (NFIB)
Report a fraud to Action Fraud, by Tel 0300 123 2040 or using the on-line tool. You are then given a police crime reference number and your case will be referred on to the National Fraud Intelligence Bureau (NFIB), which is run by the police service. This have benefits when you might have to change any bank accounts and credit cards. Once you report to your bank and have a crime reference, you are indemnified against further losses. Check the GOV website Avoid and report internet scams and phishing.
Now Calm, Down and Assess the situation
Having done the important bits, just sit down and have a cup of tea. Make a list of things to do and people to talk to. It’s not the end of the world.
- Your computer will have to be looked at by someone who knows what to do.
- You might want to change ALL your financial passwords.
- You need to contact your Internet provider and change ALL your online passwords.
- You might want to contact all your email contacts that your email account has been hacked.
- Talk to a friend or someone who can give you advice, help and support. After all, you have just been burgled!
Prevention is MUCH better that the cure
This is a case where prevention is MUCH better than the cure.
- Every computer needs good and UPTODATE Virus/Malware. Think of it as insurance. You wouldn’t drive without insurance and you wouldn’t not have insurance for your house. So why penny pinch on insurance for your computer? Personally I use Malwarebytes, because I don’t find it too intrusive.
- Use STRONG passwords (not dogs name) and also a PASSWORD KEEPER. A file called “passwords” is the first thing hackers will look for.
- Be AWARE. Think of surfing the internet as swimming in the sea off the beach. One has to be aware of what your doing. It can be dangerous. Don’t touch / open / click unless you know who it came from and know what it is.
- BACKUP everything. If your computer stops today, can you start again on a new PC tomorrow? In these days of “Cloud” computing all your files should be backed up somewhere in the cloud. There are many providers who would do this for you. (Google/Amazon/Microsoft/Dropbox etc)
I hope you find the above of use, and if you have any tips, suggestions or improvements for this article please feel free to use the comments section below.
App Charity Comment COVID-19 Dursley Rugby Club Environment Footpaths friends of st cyrs Fun Heritage Walk Hidden Gardens History Information Jubilee Last Night Local News Open 2 All Our Environment Parish Council Phone Box Post Box Ride&Stride Roads Rugby Club Scams Speeding Speedwatch St Cyrs Stinchcombe Playground Stroud District Council Testing TGIF Toad Patrol Tyndale Village Hall Virtual Village What's on