Here’s how to respond to being hacked

What To Do When You’ve Been Hacked

If you’re reading this, it’s too late. Famous words on the cover of a Drake album, but that now speak for the dangers you’re now exposed to by simply being online. While in the past, being hacked seemed a distant improbability that loomed closer for only those who had made enemies in school, nowadays everyone is susceptible to having their online accounts hijacked by malicious parties. What’s worse — the amount of information we knowingly or otherwise make available about ourselves in cyberspace, means that anyone who gains control of our online personas also gains unprecedented insight into or even control over our lives. Sounds scary, doesn’t it? Apart from educating yourself on good online habits, it’s important to know how to respond in the event that your account is hacked. We’re walking you through the latter.

You’ve been hacked – what does it mean?

Image credit: Unsplash

The term, ‘hack’ is thrown around a lot nowadays. Given that most of us know next to nothing about what hacking really means, the image that immediately comes to mind is some dingy room, lit only by rows and rows or green zeros and ones zipping incoherently across a black screen, and the bespectacled, black-hoodied youth clattering away on a mechanical keyboard. While the spirit of this impression doesn’t deviate too far from reality, the act of hacking has since progressed to include a great deal of very sophisticated methods.

The most obvious is brute force, and some hackers will try to pry your account open by attempting to sign in repeatedly. This is especially easy if they already have some of your personal information, which is easily obtainable on a quick Internet search. With their understanding of local user patterns, the hacker may try passwords containing references to your preferences or details. And in case you thought they’d be doing manual trial and error, these passes are made using a combination of hardware and software that make breaking in, a breeze. The 100 most popular patterns are usually enough to unlock most accounts.

Another popular method of hacking is phishing, where credible websites are replicated by criminals with the aim of infiltrating the user’s device or using information provided by the user to extort (usually) money. While you’d be hard pressed to find someone who hasn’t heard of the concept, many still fall prey to phishing every day. That’s why cyber safety advocacy groups advise that all Internet users verify the authenticity of links (such as with an anti-phishing toolbar) before clicking, and of websites before giving out personal information.

Malware is an umbrella term for malicious software intended to cause harm to the recipient’s network, server or computer . Malware attacks may happen from software, such as successful phishing attempts, or hardware, as in infected USBs that you’ve plugged into your computer. Viruses, spyware and ransomware are just some of the many types of malware you can encounter with unsafe Internet and hardware use. Read more about the various types of cyber threats here.

How would I know I’ve been hacked?

Image credit: Unsplash

You’re signing up for an online shopping account. The retailer’s site prompts you for all manner of information including your bank account number, and somehow your mobile number, email address or an alternative email address (for new email accounts) is a required field for submitting the form. Why?

More often than not, these additional details have account recovery purposes, which means you can still access your account in the event of a lost password. The more relevant purpose is however in informing you when attempts are made to access your account from a new location, device, and so on. The platform may also inform you whenever any activity (such as payment or a password change) is successfully performed through your account, which serves both as confirmation on your part, or alert to any unauthorised transactions.

Some accounts also allow you to review recent activity, so the cautious can opt to check this log regularly to ensure that all registered instances can be accounted for. Likewise, check your bank statements regularly to ensure no unauthorised purchases or transfers have been made, and that all payments made to you have reached your account. If you have an antivirus software installed on your device, the software may inform you if your device is in danger of malware.

#TiqOurWord Did you know? At the time of its release last year, Etiqa was among the pioneers of personal cyber security insurance in Singapore. A personal cyber security insurance plan can ensure that you are reimbursed for restoration of any data corrupted by or lost to malware infections. Under a good plan, you would also be covered in the event of ransomware attacks.

Contact Customer Service

Image credit: Pixabay

In situations like those mentioned, your SOP should be to search for options in the message to let the platform know that you did not perform said activity on your account. Larger companies will have steps in place to secure your account against any more activity.

Companies may also be able to trace the location and IP address of whomever is attempting to tamper with your account. They can advise you on steps to take to minimise any damage to you.

Change your password

Image credit: Unsplash

Today, each of us has so many Internet accounts that it has become virtually (pun intended) impossible to remember a unique password for every one. We frequently resort to using similar password across several accounts. If this is you, and especially if one of your accounts has been compromised, then you should immediately change the passwords of all accounts that share this password, including the compromised account, if possible. Select more secure combinations of characters and remember them with help from a password manager app. Options like Dashlane, Lastpass and 1Password are easy to use. Dashlane offers free and paid options, Lastpass functions on a freemium license and 1Password is paid. All are available across platforms and devices.

Remove links to more personal information

Image credit: Unsplash

If you have a bank card linked to the compromised account, you may be at risk of theft. This warning doesn’t come from baseless hypothesis but from the experiences of countless victims, on platforms that range from accommodation booking apps to online shopping sites.

An additional danger is the exposure of even more personal data to hackers. In case you haven’t yet heard, there’s a big online black market for personal information and Internet accounts are purposefully infiltrated to loot data for sale — and even big companies are not infallible, as illustrated by the discovery of 3.7 million Sephora customers’ records on the Dark Web. As if big data and the usage of information normally collected about you weren’t opaque enough, it’d be all the more impossible to imagine what happens to your personal data, stolen from your accounts and sold to invisible buyers. If your account is hacked, unlink all linked accounts and empty all fields containing private information, stat.

Update your cyber safety software

Image credit: Unsplash

If your device has been compromised, then it’s a good idea to reinstall your Operating System, wipe your hard drive and retrieve your backup files . These actions are in the hopes that the malware can be purged along with everything else. If your computer has been hijacked by stronger software, you should seek the help of an IT professional or professional service, such as at Sim Lim Square or at various providers across the country, who may have expertise in removing the software or protecting your personal information.

It can also help to have the newest version of your antivirus software installed. This can help you uproot malware or other threatening material in your computer.

Preserve all evidence and contact local authorities

Image credit: Unsplash

If you are seeking help from external parties to investigate the incident, then ensure that all records of criminal activity are intact and do not tamper with any activity logs. If you’re worried they’ll be erased, have them printed out so you have a complete set of information to share with whomever you’ve engaged.

In Singapore, the authorities charged with handling cyber crime reports are the Singapore Police Force. When faced with incidents of cyber crime, make a report at the nearest neighbourhood police station, especially in cases where Customer Service is unable to help you recover any losses.

Finally, remember to let your loved ones know you’ve been hacked so they don’t respond to any communications from the account(s) in question.

#TiqOurWord The Internet can be a very scary place, and hidden intentions are everywhere. Stay covered in the virtual world with a cyber security insurance plan, which covers you from stolen credit card details to impersonation attempts. To find out how to prepare yourself to face unforeseen dangers online, read on here.

Stay alert online!

Whether or not you’ve experienced having an account hacked in the past, it pays to stay vigilant to any suspicious activity — anyone can fall victim to hackers. As long as you have any personal information in cyberspace, it’s important to understand the risks you’re exposed to and how to protect yourself . Now, if you run into any danger online, you’ll know how to respond.

Information is accurate as at 21 August 2019. Protected up to specified limits by SDIC. This policy is underwritten by Etiqa Insurance Pte. Ltd. (Company Reg. No. 201331905K)

Tiq by Etiqa Insurance Pte. Ltd.

A digital insurance channel that embraces changes to provide simple and convenient protection, Tiq’s mission is to make insurance transparent and accessible, inspiring you today to be prepared for life’s surprises and inevitabilities, while empowering you to “Live Unlimited” and take control of your tomorrow.

With a shared vision to change the paradigm of insurance and reshape customer experience, Etiqa created the strong foundation for Tiq. Because life never stops changing, Etiqa never stops progressing. A licensed life and general insurance company registered in the Republic of Singapore and regulated by the Monetary Authority of Singapore, Etiqa is governed by the Insurance Act and has been providing insurance solutions since 1961. It is 69% owned by Maybank, Southeast Asia’s fourth largest banking group, with more than 22 million customers in 20 countries; and 31% owned by Ageas, an international insurance group with 33 million customers across 16 countries.

Discover the full range of Tiq online insurance plans here .