No one likes getting hacked, and it’s true that the quicker you can spot something has gone awry, the better your chances of minimising the damage. These are the main warning signs to look out for, what they might mean, and some quick pointers about what you should do next.
1) Unexplained financial transactions
One of the biggest red flags likely to send you into a mild panic is a record of a purchase that you’ve got nothing to do with: It usually means a scammer has either got access to some of your card details or one of your online payment accounts, such as Amazon or PayPal. If you check your bank balance daily you’ll notice this one very quickly – if you don’t, maybe you should start. Where possible make sure your purchases are always set to be confirmed as emails or SMSes, which will help you catch this kind of hack more quickly—and don’t ignore any suspicious payment confirmations, even from retailers you’re not registered with, as fraudsters could be testing the waters. Scams like this aren’t necessarily connected to your computer or phone apps, but they could be, especially with banking increasingly moving online and going mobile.
2) Your phone or computer seriously slows down
Hijacking your computer or phone to mine Bitcoin or send out malware takes a lot of processing power, so you should be on the lookout for significant slowdowns in performance on any of your devices, or indeed on your network connection—if Netflix suddenly starts buffering all the time, something untoward that’s sneaked past your security software could be to blame. Of course, that’s not to say every system slowdown or buffering message is due to compromised security because gadgets tend to slow down over time anyway. What you should particularly pay attention to are drops in performance that are significant, sudden, and long-term—at that point it’s probably a good idea to run through as many security checks as you can.
3) Disabled or buggy security software
Once malware takes root on a system, it loves to feather its nest and make sure it can take maximum advantage—that means disabling any security programs that might spot and get rid of it, and give other malware apps the green light through your computer’s defences. If you find your antivirus program gets disabled and keeps getting disabled, or disappears altogether, or won’t run scans when you ask it to, then malware could well be to blame, and you need to root it out as soon as you can (see the bottom of the article for some tips). Of course a malware warning from your antivirus suite is a pretty big red flag too.
4) Software or browser add-ons you don’t recognise
As we just mentioned, malware that’s taken root or is taking root on your system will often invite some of its friends along to the party—these additional programs can then make your computer more exposed or cause additional damage. Be on the look-out for programs you didn’t ask for appearing anywhere on your system or in the memory, or any browser add-ons you don’t remember installing. Task Manager on Windows (find it through the search bar on the taskbar) and Activity Monitor on macOS (find it through Spotlight by hitting CMD + Space Bar or clicking the magnifying glass in the top right corner) can help you check on what’s running on your system. For your browser, open up the page of installed add-ons—on Chrome, for example, open up the app menu then choose More tools and Extensions.
5) A lot more pop-ups than you’re used to
Do you like pop-ups? Malware and viruses do, and will often bombard you with them—whether it’s to run a security scan of your system (don’t), or to enter a lucky prize draw (don’t), or to verify your account credentials on the web (don’t). These will often look very authentic, but the clue should be in their randomness—if you didn’t ask for them and haven’t seen them before, be very wary. The browsers and indeed operating systems of today do a very good job of policing pop-ups, so chances are if you see malicious messages get through, there’s something pretty seriously wrong with your system. Ads that belong on your computer or phone will be for genuine brands and expected, and easily closed.
6) Changes in system settings
Has something changed about the way your computer’s configured? An unauthorised app lurking on your system could be to blame. The classic examples are a change in your browser’s homepage or search engine—most modern browsers are now too savvy for that trick, but it shows how malware can guide you further down a dangerous rabbit hole to further the hacker’s ends (even if it’s just affiliate links). Watch out for requests to change system settings or to elevate the permissions of a particular program, which could be something like a keylogger wanting autonomy over your computer (this also goes back to the disabling of security software, which we’ve already mentioned). Not all malware will be so visible and might change your settings in a way you can’t notice—but keep your eyes open.
7) Your computer or phone goes out of your control
If you get the sneaking suspicion your computer or phone has a mind of its own then there’s a chance it’s remotely controlled via a backdoor app installed somewhere on your device, as scary as that idea is. Look for unexpected mouse movements, key presses, or app launches, as well as your computer or phone display waking up when you’re not doing anything with it. Lots of hard disk activity when your computer is idle is sometimes (though not always) is a sign of a hack too. Fortunately, these types of attacks are very rare, but they’re also some of the most serious—disconnect your device from the web and restart it before attempting some of the remedies we’ve mentioned at the bottom of this article. Some damage may have already been done, but you can wrestle back control.
8) Random shutdowns and restarts
Another symptom that can either point to a hack or just an unhealthy computer or phone: Random shutdowns and restarts. They might mean unauthorised apps have taken control (or part-control) of your device and are destabilising the system as a whole. If it happens once or twice, don’t worry too much about it. If it keeps happening, investigate more thoroughly—is this just a bug or something more serious. Again the Task Manager (Windows) or Activity Monitor (macOS) can help you see what’s running on your system, or fire up the full list of installed apps from the Settings screen of your phone. This can also manifest itself as a device’s battery running hotter than normal.
9) Sent messages you had nothing to do with
Malware apps and hackers who’ve gained access to accounts will often try and spread their tentacles by reaching out to as many of your contacts as they can get their hands on. For that reason, it’s always worth checking all your sent folders—on email, on SMS, on IM apps, on social media, and so on. Be very suspicious of anything sent by you that you don’t remember sending—this often points to someone else having access to the platform in question, either from your device or via the cloud. That’s a lot of ground to cover of course, but if your friends and family have their wits about them, you’ll quickly get alerted by a barrage of notifications from them asking why you’re hawking links to dodgy sites or dodgier downloads. Hopefully, you’ll be able to nip it in the bud before any serious damage is done.
10) An online activity you don’t recognise
Sure, we’re all prone to sending off the odd social media comment after a few beers and then forgetting all about it the next day, but another suspicious and unexplained activity on your accounts is a sure sign that you’ve got an unwelcome visitor logging into your accounts from somewhere other than your phone or your computer. The trouble is it might not come to light for several days. So this could be getting signed up for Facebook groups or email lists that you’re just not interested in, or following a bunch of Twitter accounts that you had nothing to do with (perhaps trying to dupe your friends into compromising their accounts too). Or maybe something weird pops up in your Netflix viewing activity. Try and stay vigilant across as many of your accounts as you can (click the View Activity Log link on your Facebook profile, for example).
11) You can’t log into your accounts
A pretty obvious one—you can’t get into an online account because someone else has changed the password. Unless you think you might have genuinely forgotten what the right password was, it’s likely your account has been compromised somehow (you might want to check in your inbox for evidence of a password change notification). Try not to panic. Most online accounts, especially the major ones, have a variety of tricks and techniques to help you regain access—they’ll know which devices and computers you regularly use, for example, and wherein the world you are, and all this information can help re-establish your identity. Follow the account recovery links and then work through the steps as best you can.
Recovering from a hack
The rules for recovering from a hack are pretty much the same across the board: Even if it only seems like your web accounts are compromised, there could still be malware lurking on your local computer, and vice versa. It’s best to do a clean sweep of all possible causes than to leave any holes left open. With that in mind you should, as a matter of course, change your passwords on all your accounts, especially if you tend to use the same password on more than one of them (which you definitely shouldn’t be doing). In the case of online hacks, you should also report the breach to the site or app your using—a link should be fairly easy to find.
When it comes to computers, a thorough virus scan is essential, either by whatever you have installed, or (if that’s been compromised) by an on-demand scanner like ClamWin Portable or Bitdefender Virus Scanner. If you can’t get these working on your main computer (maybe because they’re being blocked by malware, or you’ve had to disconnect from the web), download them on a friend’s and copy them across. After you’ve blitzed a suspected infection with as many security scans as you can get running, you might still need a complete system reset, whether on mobile or desktop. Fortunately, backing up all your data and resetting everything is easier than ever on Windows, macOS, Android, or iOS.
Recovering from a hack is a whole other article in itself, but that should get you started. The good news is you’ll often get help from the accounts or software you’re using, or (in the case of financial hacks) your card or banking provider. Get in touch with them for some more detailed advice.
Credit: David Nield for Gizmodo, 13 October 2016.