How to Tell If You’ve Been Hacked
Most people rely on their computers and other connected devices on a daily basis for work, entertainment, education, and communication. These devices have become a powerful part of our lives. When hackers are able to access these devices, it can feel like a major violation of privacy and trust.
With nearly one million new forms of malware being released every day, it can be impossible for the average user to stay on top of the latest threats. The good news is that this doesn’t mean that you’re completely helpless. Understanding some important computer safety practices, knowing what to look for when you’ve been hacked, and how to solve the issue can all help you maintain and/or restore your privacy.
Browser hacking
Web browsing is one of the most common activities people will participate in online. That makes it a prime hacking opportunity, with a number of random ways for hackers to gain unauthorized access.
How do people get hacked?
Every website, every download, and every popup advertisement could potentially be a hack. Of course, most popular websites are safe to use, but there are many websites designed to hijack a user’s browser for nefarious purposes.
Some malicious websites can install hacks without the user’s knowledge, which gives hackers access to usernames and passwords, as well as a whole host of online accounts, including financial institutions.
Another type of browser hack involves convincing a user to unknowingly install malicious code in the form of a browser extension. Popular browsers like Chrome and Firefox allow users to install browser extensions that can improve the capability of their browsers. Trusted extensions are available through the browser’s app store, but users can also install extensions from third-party providers.
There is also a form of hacking called Wi-Fi hacking. This does not necessarily directly affect your browser but hackers can use tools on open public Wi-Fi networks to monitor data being sent over the network and then steal the information for their own use. This is why it is not recommended you use a browser to check important personal information like banking details on a public wi-fi network without first connecting to a VPN which can encrypt your data and make it impossible for hackers to monitor.
How to determine if your browser has been hacked
Identifying a browser hack can be difficult. Some hacks sit quietly in the background to try and avoid detection by the user. Other hacks may be much more noticeable.
- One surefire indication that your browser has been hacked is if your home page has been changed without your input or if you are noticing that entering the address of your favorite website causes you to be redirected to a totally different website. Often, these websites are advertising pornography, gambling, or fake antivirus software.
- Poor device performance could also indicate you have been hacked. Some malicious browser extensions are able to use your computer hardware for cryptocurrency mining, for example. Since your processor is being pushed to mine cryptocurrency, performance for other tasks can slow to a crawl.
- Frequent pop-up ads or security warnings can also be a sign that your browser has been hacked. Some popups while browsing the web are to be expected. However, security warnings indicating that you need to download software or advertisements for adult content when you are not visiting adult websites are not normal browser behaviors. In some cases, the popups can be so frequent and pervasive that they make browsing the web almost impossible.
How to fix browser hacks
If your browser has been hacked, there are some steps to take to resolve the problem and prevent further hacking or data loss.
- Scan Your Computer for Malware – Use a trusted anti-malware or virus scanner to see if there are any malicious programs installed on your device. This will catch any malware installed on your device but may not necessarily notice a malicious browser extension.
- Perform a Clean Install of Your Browser – Many people will attempt to uninstall browser toolbars or extensions to remove the malware threat. In some cases, this may be helpful if the infection is localized to those specific pieces of software. However, there could be additional threats hiding out of plain sight that will not be resolved by simply uninstalling specific extensions. The safest way to ensure the threat is removed is by completely uninstalling the software and then installing fresh from scratch.
- Practice Safe Browsing in the Future – Once a clean install has been done and you have verified no other malware is on your device, it’s important to practice safe browsing moving forward to prevent further infections. Only visit trusted websites, only download extensions from the approved browser store, and never click on suspicious links or popups.
Email hacking
Your email is one of your most essential forms of communication, and having your email account hacked can be a devastating experience.
How do email accounts get hacked?
The most common way that email accounts get hacked is through password stealing. After all, hackers need your password in order to access your email.
One method of accessing email accounts is simply brute forcing passwords. Hackers can use programs to guess passwords based on common words or phrases. These programs will try thousands of passwords in a short period of time.
A more common method of hacking email passwords is simply stealing the password itself. This can be done by installing malware onto a device that tracks keystrokes, known as a keylogger. In some cases, if you use the same password across multiple services, a data breach with one service can open up all of your accounts to hacking.
Phishing attacks are another popular way of stealing email passwords, or even smishing attacks if the fake message is primarily aimed at your phone. Hackers will send emails that appear to be legitimate and ask users for login information to verify themselves.
In reality, email providers and other services will never ask you to send them login info in order to verify yourself. This is a red flag and could indicate that you are the target of a phishing attack.
How to determine if your email has been hacked
- One easy way to tell that your email has been hacked is if you can no longer log into your email inbox. When hackers gain access, they will often change your password to try and stop you from locking them out again.
- If you find yourself suddenly logged out of your email account and unable to log back in due to an incorrect password, this could indicate that your email has been hacked.
- Another way hackers will use your email is by sending spam from your address to contacts in your address book. Since these contacts recognize your email address as legitimate, their guard may be down, which makes it much easier for hackers to launch phishing attacks or send spam for adult websites, fake security software, and other unwanted services.
- If your friends or family are questioning strange emails from you that you do not recall sending, this may be an important sign that your email account has been hacked.
How to fix an email hack
If you have reason to believe that your email has been hacked, here are some steps you can take to help solve the issue.
- Scan Your Devices for Malware – The first step is to ensure you remove any malware that may potentially be logging keystrokes and stealing passwords. Scan your device with a trusted anti-malware software to ensure the problem is removed before moving ahead to other steps.
- Change Your Email Password – If a hacker has accessed your email then they have access to your password. Changing your password will stop them dead in their tracks. Choose a password that is difficult to guess and unique from all of your other passwords. Using a password manager can help you keep track of your different passwords, and some of them even generate unique passwords for you.
- Set Up Two-Factor Authentication – A password is just one layer of security and, if you have been hacked, then you are well aware that it is not 100% secure. Setting up an additional layer of security like two-factor authentication can prevent hackers from logging into your email account even if they do manage to steal your password. Two-factor authentication requires users to enter a code that is either texted to their phone or generated using an authenticator app like Google Authenticator.
- Security questions are also a good extra layer of security but they are not as secure as two-factor authentication that uses a randomly generated code. If you do wish to use security questions, don’t choose questions that can be easily guessed by people that know you or people who have gleaned information from your public social media profiles.
Phone hacking
If you have a smartphone then, chances are, it is an important part of your life. It contains your contacts, your calendar, your email, and much more. It’s no wonder these devices are popular targets for hackers that want access to your personal information.
How do phones get hacked?
Both Android and iOS operating systems are built to be very secure. However, they can still be hacked just like any other connected device.
A common method of hacking is by installing malicious apps. Apple and Google work hard to verify the security of the apps on their app stores and remove anything that does not meet their standards. Unfortunately, however, some users will install apps that are not available in the official stores. These apps may have malicious code that can steal information, install other programs, or even lock user devices.
Password stealing is another common method of phone hacking. Much like the email hacking methods listed above, hackers can steal phone passwords and PINs. And even if the phone is not in a hackers possession, they can still perform actions like remotely locking and wiping the device, installing malicious apps, or stealing information.
How to determine if your phone has been hacked
There are some important things to look out for that may suggest your phone has been hacked.
- Poor performance is a strong indicator that your phone may be hacked. While most phones will experience declining performance over time, this is usually a slow and gradual process. Rapid slowdowns and performance loss may indicate something else out of the ordinary is at play. Some malicious apps, for example, can hijack a phone’s processors to mine cryptocurrency.
- Popups and advertisements on the device may also be a sign that the phone has been hacked. While the occasional popup on a website is not out of the ordinary, frequent popups that are intrusive and advertising adult content are not normal.
How to fix a phone hack
Following these steps can give you back control of your smartphone.
- Uninstall All Suspicious Apps – Any app that was not downloaded from the official app store or apps that you do not recall downloading should be uninstalled. As a rule, those that want to ensure the safety of their device should avoid installing any apps from sources outside of the official app stores.
- Change Device Passwords – This is a good opportunity to also change device passwords and update the passwords on services used on the phone. Your passwords should be unique and difficult to guess. As mentioned above, you may want to use a password manager to keep track of everything.
- Perform all Software Updates– iOS and Android, as well as the apps you download, are updated frequently. Not only do these updates introduce new features, but they also help improve security by eliminating bugs or security holes. Putting off updates can leave your phone vulnerable to hacks.
- Do a Factory Reset (Optional) – This step may not be necessary if the above steps appear to resolve the issue. However, if the phone continues to perform poorly or display unwanted ads, users may want to perform a factory reset on their device through the settings. Please note that this will wipe all of your data and essentially return the phone to the state it was in when you bought it. This should be a last ditch effort to fix phone hacking.
Facebook and social media hacking
Social media is a great way to share information and keep in contact with friends and family around the world. This makes social media sites like Facebook a great communication tool but they are also prime targets for hackers.
How do social network accounts get hacked?
Hackers gain access to social media profiles by using the passwords set up by users to log in to their accounts. How they get these passwords can vary.
- One method is to simply guess the password using software. This software can guess hundreds or thousands of passwords very quickly. A strong password will be hard for the software to guess as the software tends to focus on common words, phrases, and numbers.
- More commonly, passwords are stolen by tricking users. Malicious code on your device may track keystrokes and send password information to hackers so that they are able to access your social media accounts.
- With social media sites like Facebook, users can also link apps to their profiles. Hackers have been able to develop malicious apps that steal user information which, in some cases, can include passwords.
- Phishing attempts are another popular method that hackers use to steal passwords. Emails that appear legitimate are sent out to users. The email will look like it’s from Facebook or Twitter and ask a user to log in to verify their identity. The link in the email takes a user to a fake website where they enter their login information which is forwarded to the hackers.
- There have been cases in the past where Facebook accounts were being cloned. While this is not a “hack” in the purest sense of the word, it can certainly feel very similar. Users have noticed that there are accounts that share the same name and photos as their friends or family. After accepting these friend requests, users are inundated with spam messages which may contain malware or malicious links. If you receive a friend request from someone you know, but the profile is light on content with maybe just a handful of photos and information, check with your friend outside of Facebook first to see if this new account is legitimate.
How to determine if your social media accounts have been hacked
One of the most common ways people will become aware of their social media accounts being hacked is when they hear from friends or family that they are posting strange updates or sending unusual messages. Hackers will post spam messages that share products or services. In many cases, the links that are shared lead to malicious websites which help hackers collect even more information.
Users that can no longer log in to their social media accounts may also find they have been hacked. Often, once a hacker gains access, they will change passwords to prevent users from logging in and stopping the messages from being sent.
How to fix social media hacks
These steps can stop hackers from spamming your friends and family and allow you to take back control over your own personal social media profile.
- Change Your Password Immediately – The first step to stopping a social media hacker is to change your password. This will stop them from being able to log in and continue sending malicious content to your friends or followers.
- Remove Suspicious Apps – Review linked apps and services in the settings menu of the platform you are using. Disable or remove any apps or services that you do not need.
- Scan Your Computer for Malware – If a hacker stole your password with a keylogger then the malware may still be on your computer. Scan your device with a trusted anti-malware program to remove the malicious software.
- Set Up 2-Factor Authentication – Most popular social media platforms offer two-factor authentication which adds another layer of security when logging in. Even if a hacker were to steal your password in the future, they would be unable to access the account thanks to two-factor authentication. In addition, your authentication method can sometimes indicate someone is trying to access your account and prompt you to change your password.
Resources
There are some helpful resources that you can use to protect yourself online.
- If you find that creating and remembering complex passwords is a challenge, then you could try a password generator and keeper service like 1Password. This service can generate incredibly complex passwords that are almost impossible for most hackers to brute force and guess. Then, these passwords are stored in a secure, encrypted location for you to review later. There is no need actually to remember or write down the password you generated.
- Two-factor authentication is another great security tool, and most popular websites support the feature now. Google Authenticator is one of the most highly recommended apps for two-factor code generation. Setting it up is simple, and the process only adds a few more seconds to your usual login process.
- Using a VPN is also a very helpful tool in protecting your information. This is especially true if you find yourself using open public Wifi networks like those found in coffee shops, airports, and other public locations. ExpressVPN comes highly recommended online and is simple to use. There are a number of other services available to protect your data online.
- Finally, users may wish to install anti-malware protection on their devices. Malwarebytes is a popular choice for many users. You can set up regular scans to check for malware and, if any is found, Malwarebytes will quarantine and remove the infection so that you can continue to use your device safely. Combined with smart browsing and downloading habits, anti-malware software can be an important second layer of security.