Have I Been Hacked? 6 Ways to Tell If You’ve Been Hacked.

Many of us are constantly worrying: why did I click that link? Why did I go to that site? Why did I respond to that email? While there are many things we can do to keep ourselves and our organizations from being hacked, everyone makes a mistake every now and again. But being aware of the telltale signs you’ve been hacked can change the up-all-night question from, “Have I Been Hacked?” to “What Should I Do Now?” And asking that question can make all the difference.

  1. My Gadget is Too Slow!

Your computer is working fine, zipping along, and then … you wait. And wait. Your software gets sluggish, or constantly freezes or crashes. The commands you type take a few extra moments to respond, and your apps take forever to open. If you start noticing some of these symptoms, your gadget may be infected with viruses, trojans or worms. “Have I been hacked?” Quite possibly. Malicious software usually runs in the background, eating up your gadget’s resources while it’s active, often slowing down your system to a crawl.

  1. Why Am I Getting So Many Pop-up Ads?

Did you know malware can add bookmarks to your web browser, website shortcuts to your home screen, and modify the pop-up ads that you get while browsing? And when you click on that pop-up you could download another virus or be taken to a corrupt website selling bogus products or services to get your credit card information. “Have I been hacked?” If you start noticing browser pop-up ads from websites that don’t normally generate them, then the answer is probably, “yes.”

  1. I Got a Ransom Message!

Ransomware is malware that makes your data inaccessible unless you pay a ransom, often in online currency. “Have I been hacked?” If you get a ransomware demand, it could be fake, but there’s also a significant chance your data is gone unless you pay up. If you have a good, recent backup, you can simply recover the data without paying the ransom. If you haven’t backed up your data, you are at the mercy of the hackers holding your ransom. They might send you an encryption code to unlock your data if you pay the ransom. Then again, maybe they won’t.

  1. My Online Password Doesn’t Work!

You’ve typed your password five times. It’s the same password you always use. You’re getting annoyed it’s not working, and so you ask yourself, “Have I been hacked?” Someone might have logged in to your account and changed the password. But how? Per a current article by CSO online, this is most likely to happen after you’ve responded to a phishing email that looked legit, but wasn’t. You get an email you think is from a coworker or a vendor, and you share personal information, and next thing you know a site, with your credit card information conveniently stored, is in someone else’s hands. This is also why using the same passwords on multiple sites is a bad idea. Contacting one website to report fraudulent use is a challenge;  trying to remember all the dozens of sites with your password may be impossible.

  1. I Got An Antivirus Message!

This scam was a bit more prominent a few years ago, but it still comes up every now and again. Typically, you will get an antivirus warning after your computer has been infected. Get protection now! Your system may be compromised! Danger, Will Robinson! “Have I been hacked?” You bet. Clicking on the link takes you to a professional-looking website where they ask for your credit card number and billing information. The hacker now has control of your system and your credit card. It’s win-win for them (and lose-lose for you).

  1. “Where Did This Program Come From?”

Sometimes malicious programs are disguised as legitimate software. But if you don’t recognize the program it may be malicious. Unwanted software is sometimes installed at the same time you install another program; free programs you download from the web are often to blame. “Have I been hacked?” It’s a strong possibility. Always read your license agreements–some free programs actually admit they will be installing spyware or malware onto your computer to avoid legal action against them. They assume you’ll never read the agreement. Most people don’t.

“Have I Been Hacked?” If the Answer is Yes, Here’s What You Need to Do Now

If you have been hacked, you’re not alone. Research company Vanson Bourn found that 44% of organizations they surveyed had suffered multiple hacks in the last year, with an average loss of more than $1 million per company. Have I been hacked?” If so, you need to act quickly and:

  • Change all your passwords. Do this from another machine, as hackers can capture your keystrokes (commonly called keystroke logging). Don’t repeat any password on more than one page.
  • Use a password manager. Coming up with memorable and hard-to-uncover password for every site is nearly impossible. A password manager will create secure passwords and store them for you.
  • Enable two-factor authentication. If you’re not already doing this, use two-factor authentication for all your passwords. A hacker will need both your password and access to a physical device, like your phone, to access a site.
  • Report fraud. Always report fraud right away. Contact your bank and put a freeze on all your vulnerable credit cards immediately.
  • Update your antivirus software. While not 100% effective, these do work. Use a well-known provider. Some antivirus software is created by hackers, and the software will infect your machine, not protect it.
  • Check for new accounts. Open your Inbox, Spam, Trash, and Sent email folders to see if your email was used to set up new accounts—such as emails with subject lines that say, “Your account was successfully created.”
  • Reinstall your operating system and back up files. Reinstall your operating system, wipe your hard drive clean, and retrieve your backup files.

Or, call Single Path

Ideally, before you say,Have I been hacked?” you’ll take action to avoid that problem, such as calling Single Path. We can help restore your system after a hack, or even better, help prevent one from happening. Our Security Offerings give you a line of defense that leave hackers frustrated and seeking easier prey. And our Managed Cloud Services give you access to leading technology with the most recent security patches, without the need for ongoing investments. So, instead of asking “Have I been hacked?” you’ll be saying, “I’m glad I called Single Path.”

Ask us how to get started! 

What the Equifax Breach Teaches Us

identity-theftAs nearly everyone knows, Equifax recently reported a data breach, which has put more than a hundred million people at risk. As the Federal Trade Commission puts it bluntly, “If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.”

The facts are undisputed. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Yet Equifax didn’t inform the public until September 7th. Within a week of that announcement, both Equifax’s Chief Security Officer and Chief Information Officer were fired, Equifax became a source of anger from the public, a source of investigation by the U.S. government, and a source of ridicule on late night television.

As Wired Magazine stated in an article dated September 14 titled Equifax Officially Has No Excuse, “Capping a week of incompetence, failures and general shady behavior in responding to its massive data breach, Equifax has confirmed that attackers entered its system in mid-May through a web-application vulnerability that had a patch available in March … As the security community processes the news and scrutinizes Equifax’s cybersecurity posture, numerous doubts have surfaced about the organization’s competence as a data steward.”

Even Worse, It was Entirely Preventable

According to Equifax itself, the data breach was due to a flaw in the Apache Struts Web Framework, a widely used enterprise platform. Equifax discovered the bug months before the breach occurred, yet did nothing to fix it. This decision is surprising, as the remedy to fix it was a relatively simple procedure. Equifax was provided clean and simple instructions on what to do. Instead, they chose to do nothing.

At best, the refusal to fix this major flaw was negligent. At worst…well, that’s still to be determined.

Once Trust Is Gone, It’s Gone

Since this ongoing fiasco was first made public, how many people are excited about the immediate prospects of Equifax? Its stock lost more than 35% of its value within days of the news coming out, and has remained significantly lower than its pre-breach levels. Meanwhile, the Department of Justice is looking into criminal charges against high-level Equifax executives who sold nearly $2 million in stock before Equifax released the data breach information.

While it is too early to determine the long-term future of Equifax, if it has one, individuals and municipalities have filed numerous lawsuits (including one by the city of Chicago on September 28 of behalf of its citizens, following in the footsteps of San Francisco which filed suit just two days earlier; more cities are expected to follow) and politicians are calling for more investigations. As the lawsuits go through the system and people’s lives are disrupted—this breach affects nearly everyone who has had a credit report run—the news of Equifax’s lax security standards and insufficient response will only linger, as will public outrage.

Are You the Next Equifax?

While it’s true a breach can affect any business at any time, arrogance and a refusal to protect your data will only hurt your business’s rebound and make the prospects for its success questionable. Recent and well-publicized data breaches from Target, Home Depot and others have demonstrated that open communication can go a long way to restoring public trust; a path that Equifax has so far seemed reluctant to follow, at its own risk.

But openness after the fact is only one step—the best step is to be proactive and do all you can to avoid a breach in the first place. That means not only ensuring appropriate safeguards, but also backing up data in case you are hit by a malicious cyber attack that compromises, erases or prohibits access.

As we detailed in a recent blog post about cypersecurity attacks, “formulating a multi-layered plan including continual back-ups and implementing best practices, such as employee education, is of paramount importance.” This includes back-up protection, strong email security, artificial-intelligence-based security and more. In short, you not only need to protect your customers, but yourself. Safeguarding information rewards your customers’ trust but also ensures your company doesn’t miss a beat in the event of a cybersecurity breach.

Learn more about how Single Path’s Security Offerings can help you create a cyber strategy and protect your data and your reputation.

Ask us how to get started!