It’s not always easy to tell if your computer is being hacked, which can make it hard to know when to take action. But there are a few signs that can tip you off to the fact that someone has gained access to your machine. Keep an eye out for these indicators, and if you see any, be sure to do whatever you can to stop it!
There are so many successful attacks out in the world right now, and it seems like every week we read about some company or agency that announced a breach. Worse is that reports always say the attackers had been in place for months so many security professionals are moving to a mindset called “assume breach.”
In other words, rather than assuming all is well until they see evidence otherwise, the pros assume that the bad guys are already in, probably have been for some time, and they seek to eradicate them. If, after careful and exhaustive work, they find no evidence that an attacker was in place, they can give themselves a high-five and catch their breath for a moment, but the next day they are back at the same “assume breach” posture because it is the only way they stay diligent.
What are the signs that you’ve been hacked? Here are some tips on how to go about investigation suspicious activity.
1)Unwanted browser toolbars
This is probably the second most common sign of exploitation: Your browser has multiple new toolbars with names that seem to indicate the toolbar is supposed to help you. Unless you recognize the toolbar as coming from a very well-known vendor, it’s time to dump the bogus toolbar.
What to do: Most browsers allow you to review installed and active toolbars. Remove any you didn’t absolutely want to install. When in doubt, remove it. If the bogus toolbar isn’t listed there or you can’t easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn’t work, follow the instructions listed above for fake antivirus messages. You can usually avoid malicious toolbars by making sure that all your software is fully patched and by being on the lookout for free software that installs these tool bars. Hint: Read the licensing agreement. Toolbar installs are often pointed out in the licensing agreements that most people don’t read.
2) Consider whether anything out of the usual is happening on your computer. You know your computer and how it runs better than anyone else. If it was working okay before but suddenly starts behaving oddly, it might be a sign of age or a broken part but the following issues could be just as likely to be signs of a hacking:
- You have standard programs and files that won’t open or work.
- Files that you didn’t delete appear to have disappeared, have been placed in the bin or have been deleted.
- You cannot access programs using your usual password. You find that your passwords have been changed within your computer.
- There is one or more programs on your computer that you didn’t put there.
- When you’re not using the computer, it is connecting itself to the internet frequently.
- File contents have been changed and you didn’t do the changes.
- Your printer may behave strangely. It may not print no matter what you do or it will print different pages that you did not command it to.
3)A Sudden Slow-Down
If your computer or your internet connection suddenly seems quite a bit slower than it did recently, it’s possible that someone else is using your processing power or bandwidth. Some hackers will install an application that runs in the background of your computer, taking up resources and slowing everything down.
- Fake virus messages. Either you have virus software or you don’t; if you don’t, such messages will automatically alert you. If you do, then provided you know what your program’s messages should look like, then you’ll also be alerted to the messages being fakes. Do not click on it; it’s a scam to get you to release credit card details in a panic to get rid of viruses on your computer. Be aware that the hacker is already controlling your computer (see What to Do below).
- Additional toolbars appear in your browser. They may carry messages about “helping” you. There should only be one toolbar. Be suspicious if they multiply.
- Random and frequent pop-ups appear on your computer. You’ll need to get rid of the program that is doing this.
- Your anti-malware, virus software doesn’t work, appears disconnected. Your Task Manager or Registry Editor may also be out of action.
- People in your email address list get fake emails from you.
- Money is missing from your bank account or you get bills to pay for online purchases you haven’t made.
5)Redirected Internet searches
Many hackers make their living by redirecting your browser somewhere other than you want to go. The hacker gets paid by getting your clicks to appear on someone else’s website, often those who don’t know that the clicks to their site are from malicious redirection.
You can often spot this type of malware by typing a few related, very common words (for example, “puppy” or “goldfish”) into Internet search engines and checking to see whether the same websites appear in the results — almost always with no actual relevance to your terms. Unfortunately, many of today’s redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you’re also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer.
What to do: Follow the same instructions as above. Usually removing the bogus toolbars and programs is enough to get rid of malicious redirection.
6)Your friends receive fake emails from your email account
This is the one scenario where you might be OK. It’s fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it.
These days it’s more common for malicious emails to be sent to some of your friends, but not everyone in your email address book. If it’s just a few friends and not everyone in your email list, then more than likely your computer hasn’t been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts’ email addresses. Although not always the case, the bogus emails they send to your friends often don’t have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe.
What to do: If one or more friends reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it’s nothing to worry about, but it can’t hurt to do a little health check when this happens.
Your antivirus app should be up and running at all times (there’s usually an icon in the task bar to tell you that it is). If it stops working, or won’t open, there’s a chance that a hacker has disabled it to cover his or her tracks. Because the antivirus app might clue you in to their attack, they’ll take it out.
It’s a good idea to run a daily or weekly full scan of your computer. If you’ve set this up to run automatically, and you don’t see it going when it should be, treat that as a warning sign. Anything that’s off about your antivirus is a sign to check it out more carefully.
8)Inability to Log In
If you’ve been locked out of your own computer, there’s a good chance someone else has been messing around with it. By keeping you out, they have free reign over pretty much everything. So if you unexpectedly have no access to your computer, it’s time to be worried.
Every once in a while, it seems like computers have a mind of their own. But if it starts seeming like that more often than usual, there may be something suspect going on. If your mouse is moving when you’re not touching it, if your browser has records of websites you didn’t visit, or if if your hard drive is going crazy when you’re just checking email, there might be something else going on.
10)Unexpected software installs
Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked.
In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, “But we are a legitimate software company.” Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I’ll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can’t.
What to do: There are many free programs that show you all your installed programs and let you selectively disable them. My favorite for Windows is Autoruns. It doesn’t show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn’t legitimate. When in doubt, disable the unrecognized program, reboot the PC, and reenable the program only if some needed functionality is no longer working.
Depending on your security settings, apps may need to request access permissions. Sometimes they need access through your firewall. Other times they’ll need permission to run. Or maybe they need to be granted permission to use information from other apps. Whatever they’re asking for, if it’s something you’re not familiar with, treat that as a warning sign.
It’s easy to get into the habit of just hitting Allow or OK whenever these requests come up, but take at least a few seconds to check them out. If they’re coming from apps that you’ve never heard of, be wary.
12)Spurious Financial Transactions
This should be an immediate and significant warning sign. If you’re seeing strange things come up on your financial statements, there’s a chance someone has stolen your financial information. It might not be from your computer. Maybe your bank account got hacked. Or there was another big data leak.
If there isn’t an obvious explanation, though, there’s a chance that someone has hacked your computer and grabbed your data from there. Check your firewall, run a virus scan, and do anything else you can to make sure it’s secure.
13)You get ca1lls from stores about nonpayment of shipped goods
In this case, hackers have compromised one of your accounts, made a purchase, and had it shipped to someplace other than your house. Oftentimes, the bad guys will order tons of merchandise at the same time, making each business entity think you have enough funds at the beginning, but as each transaction finally pushes through you end up with insufficient funds.
What to do: This is a bad one. First try to think of how your account was compromised. If it was one of the methods above, follow those recommendations. Either way, change all your logon names and passwords (not just the one related to the single compromised account), call law enforcement, get a case going, and start monitoring your credit. You’ll probably spend months trying to clear up all the bogus transactions committed in your name, but you should be able to undo most, if not all, of the damage.
Are You Seeing These Signs?
There are many symptoms that can tip you off to the fact that you’re being hacked. These nine things are reliable signs that something bad is going on, but there are plenty more. If your computer or internet connection is behaving strangely, be sure to check it out. Look at your task or process manager. Run a full virus scan. Check your incoming and outgoing network connections. You can never be too safe.
Have you experienced any of these warning signs? Did you ever find out if you were being hacked? What other signs should users be on the lookout for? Share your tips and experiences in the comments below!