Page 1 of 1

Hacked? what now?

PostPosted: 06 Mar 2016, 12:37
by Tormeron
Friends and guests I present to you the guide of what you should do if an account of yours was hacked.

First of all once you have discovered you were hacked, RELAX! I cannot stress that enough that you should relax, it happens to the best that an account gets hacked, now that you are relaxed browse on to the steps you should do now that you were hacked.

1. Before you access any more information and check for stuff, run a malware and antivirus scan using up to date software (Malwarebytes anti malware is a great product to clean any malware or PUPs). Don't do the rest of the steps on a malware or virus infected machine.

2. Go to your email account, check your security settings on your account and check whether your alternate email or backup email there hasn't been altered to an email of the hacker.
If it was, change it back to yours.

3. If the account that got hacked has the same password as your email, change your email password and don't use approximately the same password (for example your password was smartpass123, don't go using smartpass456 since it's easy to guess)

4. Consider adding the 2 step verification to your email account to avoid your email being hacked in the future.

5. Check your login history on the security panel in your email, and check whether there are any illogical logins to your accounts.

6. Change passwords on all accounts which share this accounts password (even though you shouldn't have the same password on more than 1 account)

7. Removed due to it being unneeded in case of users who need this guide.

8. if your email has been hacked then send out an email to all your contact list (preferably using bcc) explaining that you got hacked and that if they got an email from you that sounds suspicious, to verify with you whether it was you who sent it to them.

9. Access your bank account and double check you didn't do any payments that you haven't authorized, and check it more in the following month

Lastly, go get yourself a cup of coffee or tea and rest knowing you have done all you need to do to secure your accounts.

PostPosted: 06 Mar 2016, 12:40
by Traest
I go by the old adage: Treat your passwords like your toothbrush. Change it every six months, and don't share it with anyone.

PostPosted: 06 Mar 2016, 15:09
by Gergel
While most of Tormeron's points are quite valid, I'm totally confused about point 7. Was this maybe accidentally copypasted from a different guide or something? The rest of your the guide talks about what to do if your account has been compromised because of malware or social engineering, but point 7 talks about a "company that got hacked". If someone manages to keylog, sniff or guess your GMail password, it's highly unlikely that Google was actually compromised.

PostPosted: 06 Mar 2016, 15:33
by Tormeron
Nope, it's correct, for example if your EA account got hacked, contact EA notying they had a hack done to their system, sometimes it helps them to find holes in their security.

PostPosted: 06 Mar 2016, 15:48
by Gergel
An interesting example, considering the recent rant thread, but nope. Sorry. Telling a company that "they were hacked" even though it is far more likely that it was your own computer which was infested with n+1 pieces of malware, you're just wasting their time, and yours.

Unless you have evidence of actual security holes, of course. But the kind of people that find security holes in other companies' systems and are polite enough to notify the companies in question have no need for this particular kind of a guide.

At best you'll get back a copypaste email from their customer support, advising you to check and clean your computer.

PostPosted: 06 Mar 2016, 19:05
by Tormeron
You are right Gergel in most cases I agree, but this guide should apply also if you have been hacked with a small account at some wordpress blogging server, or a google account.
99% of the time it's social engineering or malware that are causing the issues, but I added that step in case it is a small wordpress site or small email server, or any case that isn't specific to big companies which do have their own people to double check their security.

I'll change the guide soon to make it more accurate.