Waste no time making fixes after your account is hacked

08 Jun, 2015

Often, if your account is hacked, you're the last to know. It's your friends who start wondering why you're sending out spam mails or posting odd things on Facebook. "Those affected usually have their attention drawn to the problem by third parties," says Matthias Gaertner of Germany's Federal Office for Information Security (BSI).
It's hard to get your life back on track after a hacker gets into your email account.
First, make sure there was a hack. Sometimes emails in a person's name are just a function of spam mail servers taking advantage of return addresses. "You don't have to upend your mailbox because of that," says Arne Arnold, an expert on computer security at German magazine PC Welt.
At the same time, it doesn't hurt to be safe. Arnold recommends changing passwords and running a virus check. But use both a mainstream virus programme and then an alternative one. "That provides, in a manner of speaking, a second opinion," he notes.
If an email account has been hacked, it's often the start of something worse.
"It's usually the launching point for the takeover of other accounts," says Sebastian Barchnicki of the Institute for Internet Security. Hackers will then begin to see if they can use the address to gain access to popular services and online retailers.
Barchnicki says the best way to avoid this problem is to use different passwords for each service and to change them all regularly.
If you're locked out of your account, the service provider is the only one who can help. Many have service hotlines.
"Some even have emergency numbers that specialise in helping in cases of hacking," says Gaertner. If financial costs are incurred - such as if the hacker goes on a shopping spree with your money - let the service provider and the police know immediately.
If the hacker managed to install a keylogger programme onto your machine, it won't help to make up new passwords because the logger will note everything you type. Get your computer screened and cleaned as soon as there's even a hint of a virus or a Trojan, warns Gaertner. Many virus scanners offer free emergency CDs or USB sticks, or even cleaning programmes, for these situations when it becomes necessary to scrub the computer.
And then there's the case of ransomware, where none of the above will help because the computer has been locked until the owner makes a payment. The only other option is to reset the computer. "Cleaning it properly is too complex for most laymen," says Gaertner.
Problems can still lurk even after the malware is removed, warns Barchnicki.
"It's not unusual for fragments to linger, which can become active again at some point." That means anyone who wants to be absolutely safe will have to take the plunge and perform a complete new installation.
Keep an eye on your router as well, as that can also be the subject of attacks. Arnold says such malware is difficult for anti-virus programmes to detect "since the malware manipulates the DNS server and erases itself afterward." After that, the router directs users to phishing sites. The only solution here is to return the router to its factory settings. Being aware and sceptical are internet surfers two best defences against getting hacked in the first place. Think twice before filling out forms online, since phishing groups like to copy such application forms in an effort to gain access to logon data.
"The only thing that can help here is a high level of mistrust," says Arnold. "Always be on the alert with your own login data." And always be wary of links and attachments in unexpected mails, since they will often take you straight to a phishing site.

Read Comments