Falling victim to a hack or scam can be a very difficult experience that leaves people feeling vulnerable. Knowing how to recover after being hacked or scammed is vital in this day and age.
Whether it was a tech support scam, phishing email, stolen account or any of the other various ways malicious computer users take advantage of others, the feeling of vulnerability it leaves can be overwhelming.
In this post we will go over steps to take after falling victim to any of these actions. The lessons users learn here can help assure that it never happens again.
Always check to see the sender’s real email address. Users can click on the blue name next to “from” on an email to reveal the actual email address. Emails can show any display name, so this cannot be relied on.
This is a good way to tell if an email is real or fake. Real ones will always end in the actual website sent, for example a real email from verizon would end in Verizon.com. Beneath is an example of a fake one.
Secure All Devices
Whenever a user falls victim to a scam it is important to make sure all devices involved are protected.
Depending on the type of scam, not all steps will apply, but if a user doesn’t understand online security well, doing them all is still a good idea.
Run a virus and malware scan on the device that was used during the scam. If the user did not download anything to their computer, or allow anyone else onto their computer to download anything, it is unlikely a virus or malware has been installed. Most of these programs need to be initiated by the computer user and installed to the device in order for them to cause harm.
Tech support scammers often get people to download programs like Teamviewer, anydesk, or Google Chrome Remote Desktop. These programs by themselves are not malicious, but can be used for malicious purposes. These programs can allow scammers to gain access to the users’ device.
If a user allows a scammer onto their device, it’s hard to know exactly they are going to do. Some can and will install malware. Other just pretend the device is infected to try to get money out of the victim.
Malware scans will not hurt and might help, so run a program like Malwarebytes or another virus scanner. This can give peace of mind that the device is uninfected. Be sure to run full scans of the device, and not just quick scans. This is important in case something malicious is deeply imbedded in the devices system.
Secure All Accounts
Once users have secured their devices, the next important step is to secure their accounts. This involves changing passwords to lock the scammers out.
It is important to identify which accounts might have been compromised. Once identified take steps to recover them properly.
If an account was stolen or info was typed into a malicious website, be sure to change the password involved. Always activate any type of two-factor authentication (2FA) that is available. This will keep users out of the account even if they managed to get the password again.
If users are unsure of which accounts are compromised, it may be required to change passwords on many of them. Often times that is a drastic measure. Being phished or scammed for a specific account can leave feelings of fear that all accounts are compromised. Often this isn’t the case.
Some easier steps to take include:
- Change the passwords to your most important accounts (banks, email, password managers etc).
- Be sure 2FA is enabled on all accounts.
- Check device logins on important accounts and see if there are any out of the ordinary ones.
These steps work if users don’t have the same password for multiple accounts. If this is the case, we advise people to change passwords on all accounts with the same password, and make separate passwords for each account.
If financial information is involved it is often a good idea to contact the financial institution and change login information, especially if bank account information might have been compromised.
After all devices and accounts are secure, users should feel better about the situation. Now users just need to monitor their accounts and devices.
The most important thing to keep an eye on are accounts like bank and credit information, email addresses, and anything with sensitive information. Be sure to look for any unusual purchases or activity. If any are found, be sure to take appropriate action with the corresponding institution.
If all of these steps have been taken and still devices and accounts are compromised, it may be time to consult an expert.
Learn From The Experience
For many internet users, it often takes something bad happening for them to learn how they could have prevented it from happening.
Unfortunately people have been scamming each other since the beginning, and the internet has made it even easier, and less personal.
Learning these often harsh lessons, and recovering from them can open users eyes to the trickery on the internet. Though unfortunate, they usually end up being stronger and more informed. Having strong security, being more cautious, and researching ways to stay safe will create a path for the user to understand and combat these problems if they ever arise again. For starters this MSN article, 3 widespread scams even smart people can fall for, is a good place to gain some more knowledge.
If you have specific questions about how to recover after being hacked or scammed, or if our terminology isn’t clear, please use our contact form to send us a message. Thank you!