Sunday, February 7, 2021

I have been hacked, now what?

  A saying in cyber security: you have been hacked, or you have been hacked and do not yet know you have been hacked.

 With breaches due to hacks, or breaches due to ransomware where the organization is not required to disclose a breach if they have no proof the data was stolen before it was encrypted, chances are some of your IDentity is out of your control.

 Some advice: conduct yourself as if you have been hacked.

 Some indicators:

 Reports that you have sent unusual messages via email, social media, etc.

 You have had to reset a passphrase you were sure was correct.

 You receive a notification that something is amiss with an account. Not those notifications that are phishing lures to compel you to supply valid credentials to address a problem with your account. Do not click on any such notification. Use known good methods to check the account at the known vendor's site.

 You get an alert or notice an unknown transaction at any of your financial institutions. No matter the amount.

 You get a notification on your PC, tablet, smart device, etc. that there is a problem, with an offer to fix the issue via phone, chat, etc. Put on your detective hat and really investigate.

 You get a notification that some of your files have been encrypted and you must pay a ransom to get your files unencrypted. This is ransomware.

 Your device is slower than normal. Applications will not load or take a long time to load. 

 While browsing, you get web pages you did not request, your home page has changed, or search results seem suspicious.


 Personal device hacking with such indicators is rare now. The attack will be as stealthy as possible. The attackers are after your wealth. They are not after you, they are after anyone and everyone.

 So, best course of action?

 Assume your IDentity has been cloned, is available for sale on the dark web, and is being monitored for the best time to use the compromised IDentification.

1) Use a known secure access method to reset your passphrase if you still have access. Employ multi-factor authentication method(s): a hardware token, an authenticator application, or a device to receive an authenticator code.

2) If you are locked out of your account, use a secure access method to contact the vendor and request an account reset. Have the vendor clear any account actions you did not make.

3) If your device has been compromised, it is best practice to reset to factory settings, do a clean install, apply any and all patches and updates, then recover your needed applications and your data.

4) For any and all financial accounts, report to the bank or financial institution, file a police report, and report to the FTC.

https://ReportFraud.ftc.gov

5) Keep very good records of any and all events, including expenses you incur.

6) Notify your insurance companies. You might be covered for a portion of your expenses.

7) Notify your insurance company. You might add a rider to your policy. Or shop for IDentity protection policies. You would be surprised at how much personal expense victims incur. PLUS the time it takes to get your IDentity recovered.

8) Investigate any suspicious notifications: unemployment claims you did not file, orders you did not place, "welcome to your new account" messages for accounts you did not open, etc.



 


2 comments:

  1. I am troubled by the security ramifications of our Covid 19 vaccination registration at the Sun City ballroom.

    This registration process was that we were sent a text message, and we were then required to provide most of our personal financial information (our full Social Security numbers, our mother's first and last maiden names, pictures of the front and back of our driver's license), and of course they had a multitude of almost endless forms and disclosures we are required to sign electronically.

    The fact that I was required to personally enter all this information from my phone to an unknown text destination is troubling to me.

    Am I more worried about this than I should be? Why require me to reenter all the stuff by text on an unknown program?

    1. I agree. I didn't have to enter to an unknown program. We registered at a web site and I checked several things before entering any data AND really read the 5 forms we were required to read and acknowledge. If you have seen the OSINT site, any and all information requested was available on public forums.
      I am thankful for the awareness and raising your concern.
