Compromised accounts happen. Quick identification and response can reduce the harm done to your account and your personal information.
How to know if you’ve been hacked:
- Your friends tell you. They’ve received a spammy or phishy e-mail from your email account, social media, messaging apps, or SMS.
- Your phone tells you. Battery and data usage are higher than normal. Charges for premium SMS numbers show up on your bill.
- Your merchants or bank tell you.You receive collection calls. There’s money missing from your bank account.You receive a message about insufficient funds due to unauthorized charges. Credit card statements include charges you didn’t authorize. You receive a delivery notification for something you didn’t order.
- Your browser tells you. Unwanted browser toolbars, homepages, or plugins appear unexpectedly. You’re seeing lots of pop-ups or web page redirects. Your online passwords aren’t working.
- Your software tells you. New accounts appear on your device. Antivirus messages report that the virus hasn’t been cleaned or quarantined. You see fake antivirus messages from software you don’t remember installing. Programs are running or requesting elevated privileges that you did not install. Programs crash randomly.
- Your mail tells you. You receive a notification from a company that has recently suffered a cybersecurity breach.
Here’s how to recover:
- Change your affected passwords using an unaffected device. Not sure which passwords are affected? It’s best to change them all. If it’s available, enable multi-factor authentication.
- Update your mobile software and apps. Make sure you keep them up-to-date.
- Update your antivirus software. Then run a complete scan. Follow the instructions provided to quarantine or delete any infected files.
- Update your browser software and plugins. Check frequently for new updates and delete any unnecessary or obsolete plugins.
- Is your computer still acting wonky? Home computer? It might be best to start from scratch with a complete reformat or reinstall of your machine so you can ensure that all affected software is fixed. RIT Computer? Contact your Service Desk if you’re still having problems.
- Self-report to credit agencies. If you believe your personally identifiable information has been affected, you don’t want to deal with identity theft on top of being hacked. You may consider freezing your credit account. Visit our Identity Theft page for more information.
- Monitor your bank accounts.Are you seeing unexpected charges or withdrawals?
- Be prepared with backups. Don’t let the next compromise ruin your day. Backup your files frequently. Consider storing at least two separate backups: one on an external drive and one in cloud storage.
- Stay ahead of the hackers. Check the Have I been pwned website to see if your accounts were hacked in a known attack.
- Contact Law Enforcement. For any crime involving RIT Information Resources, contact RIT Public Safety.
For More Information
- Review the FTC’s consumer information and resources about hacked e-mail.
- Learn how to regain control of compromised or hacked accounts with these tips from NCSA.
- Share this Wired article, “What to Do After You’ve Been Hacked.”
- Learn how to recover a compromised Gmail account from Google.
Quick Infosec Tip: Backup your data often. When you get hacked, it’ll be a snap to recover.
Reminder: The RIT Information Security Policies and Standards are designed to help keep RIT and the RIT community safe from cybersecurity threats. <http://www.rit.edu/security/content/intro-policies-standards>
Thank you to Patricia Clay and Jennifer Patterson of the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC) for the content above.