Last week, we left off with some basic indicators to use in order to discover whether or not you’ve been hacked. So after the Thanksgiving Holiday, and Black Friday shopping frenzy, we would like to provide you with a few more helpful indicators that you can use when attempting to determine if you have been hacked or not.
Has My Information Been Part of a Data Breach?
The number of data breaches that take place has been rising exponentially over the last few years, Yahoo, Marriott, First American Financial, Facebook just to name a few have a combined total of over 2 billion user data that includes data such as name, address, and DoB, to bank account info, and social security numbers. This type of user data being out in the open could have potentially devastating effects on someone’s life. To make matters worse, unless the story hits the news cycle, most companies or 3rd parties do not immediately notify their users when they discover the breach. This leaves users holding the bag per se in finding out if their personal information has been compromised. Luckily, there is an easy way to find out if any of your information has been leaked in a public data dump.
How to Remediate?
The simplest way for any one of us to identify if any of our online data has been leaked is to use the website (Have I Been Pwned). This website will not only allow you to search their huge list of emails that have been leaked in data breaches/dumps, but they will also show you the passwords they have discovered in data dumps as well, so we all can use this list to identify if the passwords we commonly use have been leaked (always use different ones! Never one password for all, this isn’t Lord of The RIngs). They also provide recent information on companies that have been the victims of data breaches, which can further assist in identifying potential sources for data leakage.
Another helpful tip in order to protect oneself from the fallout of a data breach and potential data dump is to actively use MFA/2FA (MultiFactor Authentication/2 Factor Authentication) on as many sites/apps that will allow for it.
Your Bank Account is Missing Money
Typically, if you have lost money as the result of being hacked, the amount will be quite significant, not just a few dollars (or fractions of a penny), online criminals don’t usually just steal a little money. They will transfer close to everything, if not all of it, often to a foreign exchange or bank that they own. This usually happens because your computer/phone has been compromised or from responding to a phishing email from your “bank or stock trading company”. The hacker then logs on to your account, changes your contact information, and transfers the money to themselves.
How to Remediate?
As luck would have it, most financial institutions will replace stolen funds, even better if they can stop the transaction before the money is actually stolen. In order to be more proactive against hackers, turn on transaction alerts that send text alerts to you when something unusual is happening in your bank account. Most financial institutions allow you to set limits on transaction amounts, and if the limit is exceeded or it goes to a foreign country, you’ll be alerted. However, oftentimes hackers will reset the alerts or your contact information before they steal the money. To counteract this, make sure your financial or trading institution sends you alerts anytime your information or alerting choices are changed.
Friends Receive Social Media Messages From You, But You Didn’t Send Them?
This very issue is more common than one might think, and essentially, all it takes is for you to open a phishing invite, or message from one of your friends accounts that has already been compromised. The typical “Hey, I found this video of you! Have you seen it?” message is a popular one to try and trick unsuspecting users into opening the message, In doing so, it asks the user(s) to log in and their credentials are stolen, and can then be used by the hacker to spread more and more of their phishing messages.
How to Remediate?
The first thing to do is to warn other friends not to accept the unexpected friend request, or message. Something along the lines of, “Don’t click on that message from me. I think I’ve been hacked!”. Share the news in your common social media circles, and also try and contact customer service for the application to report the hack and see what sort of resolution they can provide.