11 sure signs you've been hacked

Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned

RELATED TOPICS
Page 2 of 4

Sure sign of system compromise No. 3: Redirected Internet searches

Many hackers make their living by redirecting your browser somewhere other than you want to go. The hacker gets paid by getting your clicks to appear on someone else's website, often those who don't know that the clicks to their site are from malicious redirection.

You can often spot this type of malware by typing a few related, very common words (for example, "puppy" or "goldfish") into Internet search engines and checking to see whether the same websites appear in the results -- almost always with no actual relevance to your terms. Unfortunately, many of today's redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you're also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer.

What to do: Follow the same instructions as above. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.

Sure sign of system compromise No. 4: Frequent random popups

This popular sign that you've been hacked is also one of the more annoying ones. When you're getting random browser pop-ups from websites that don't normally generate them, your system has been compromised. I'm constantly amazed about which websites, legitimate and otherwise, can bypass your browser's anti-pop-up mechanisms. It's like battling email spam, but worse.

What to do: Not to sound like a broken record, but typically random pop-ups are generated by one of the three previous malicious mechanisms noted above. You'll need to get rid of bogus toolbars and other programs if you even hope to get rid of the pop-ups.

Sure sign of system compromise No. 5: Your friends receive fake emails from your email account

This is the one scenario where you might be OK. It's fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.

These days it's more common for malicious emails to be sent to some of your friends, but not everyone in your email address book. If it's just a few friends and not everyone in your email list, then more than likely your computer hasn't been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts' email addresses. Although not always the case, the bogus emails they send to your friends often don't have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.

What to do: If one or more friends reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it's nothing to worry about, but it can't hurt to do a little health check when this happens.

Sure sign of system compromise No. 6: Your online passwords suddenly change

If one or more of your online passwords suddenly change, you've more than likely been hacked -- or at least that online service has been hacked. In this particular scenario, usually what has happened is that the victim responded to an authentic-looking phish email that purportedly claimed to be from the service that ends up with the changed password. The bad guy collects the logon information, logs on, changes the password (and other information to complicate recovery), and uses the service to steal money from the victim or the victim's acquaintances (while pretending to be the victim).

What to do: If the scam is widespread and many acquaintances you know are being reached out to, immediately notify all your contacts about your compromised account. Do this to minimize the damage being done to others by your mistake. Second, contact the online service to report the compromised account. Most online services are used to this sort of maliciousness and can quickly get the account back under your control with a new password in a few minutes. Some services even have the whole process automated. A few services even have a "My friend's been hacked!" button that lets your friends start the process. This is helpful, because your friends often know your account has been compromised before you do.

If the compromised logon information is used on other websites, immediately change those passwords. And be more careful next time. Websites rarely send emails asking you to provide your logon information. When in doubt, go to the website directly (don't use the links sent to you in email) and see if the same information is being requested when you log on using the legitimate method. You can also call the service via their phone line or email them to report the received phish email or to confirm its validity. Lastly, consider using online services that provide two-factor authentication. It makes your account much harder to steal.

RELATED TOPICS
| 1 2 3 4 Page 2
From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies