Personal: I’ve Been Hacked! What to do next?

Think you’ve been hacked? Do you know what to do next? Fear not, I have the answers.

---

Personal

This advice is for personal users and not organisations, I will be posting what an organisation should be doing after a breach soon.

The advice on what to do if you think you’ve been hacked depends on the method used. The most typical attacks home users will experience are scams, malware or ransomware.

For Scams

Scams are conducted for financial gain and if you fall victim to a scam, I highly recommend you contact your bank the moment you realise. If it’s early enough, your bank should be able to recover your money. However, if you transferred it via Gift Cards then it’s almost impossible to recover.

When you have time, be sure to make a report to your local police station.

It is also advised to report this to the ACSC (Australian Cyber Security Centre). This can be done via cyber.gov.au. Reporting to the ACSC doesn’t guarantee your incident will be investigated, however, it provides greater insight for the government and police into the threat landscape, allowing them to focus resources where needed.

There are scams out there that aim to steal your personal information. When this happens, it can be a massive headache for the victim, as the attacker can sign you up for credit cards, sell your data on the dark web, or even use your credentials for other scams. An example of this was in 2020, an Australian woman’s details were used for a dog breeding scam, causing people to show up to her home demanding a puppy they’d paid for. Unfortunately, there’s nothing she nor the other victims were able to do to recover their money. Source: ABC

The reason why it’s hard to recover the money is most of the malicious actors are overseas and it’s out of the jurisdiction of the state police and banks once the money is moved offshore, and it’s rare to see a scammer prosecuted if they are outside of Australia.

If you become a victim of identity theft, there are organisations to help you, such as ID Care.

For Ransomware

If you come across ransomware hopefully, your data is backed up somewhere safe. It is highly recommended not to pay the ransom, as it encourages actors to continue developing new variants. A fresh install of Windows should be sufficient to remove the ransomware.

Suppose you have important data that needs to be recovered. In that case, there’s a website that has been set up by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and Mcafee to help victims of ransomware retrieve their encrypted data without having to pay the attackers.

The website is called nomoreransom.org, you can provide information on the ransomware such as bitcoin address, website URL, email, or ransom note and they will provide the decryption key if they have it.

For Malware

Malware can be downloaded from anywhere, and your personal computer could become part of a botnet. A botnet is a network of compromised computers controlled by a malicious actor. They can use your computer to help with attacks, such as Distributed Denial of Service attacks (DDoS).

Now for malware, the best thing to do is scan your computer with a good Anti-Virus (AV). Use any of the major AVs such as Bitdefender, Trend, and Kaspersky, they should pick up most malware. If you need reassurance, I highly recommend the use of Malwarebytes and Hitman Pro to supplement your AV. I use Malwarebytes to accompany my main AV.

If you’re using Windows, Windows Defender is also a great choice and is already installed out of the box.

Now, if you require advice on a different type of compromise, feel free to comment below and I’ll do my best to provide the best advice to resolve your problem.