“我被黑了”是近来经常听到的一句话。无论是有人错误地提到了随机恶意软件感染,还是有人试图退回令人遗憾的社交媒体帖子,这个术语都会被广泛使用。
然而,对于计算机、智能手机和平板电脑等设备的现代用户来说,被黑客入侵是一个真正的危险。整个地下存在着所谓的“黑帽”黑客,他们从利用系统和人类心理的漏洞中获利。身份盗窃(Identity theft)和直接金钱盗窃是这些犯罪黑客的两个常见驱动因素。
问题是知道自己被黑客入侵可能很难。这不像是一个大的闪烁的红灯让你知道。
这(Which)就是为什么您应该注意在您的数字世界中出现问题的常见迹象。因此,这里有迹象表明您是黑客的不幸受害者。
黑客告诉你
我们从您被黑客入侵的最明显迹象开始,这只是被声称(someone purporting)是黑客的人联系并让他们这么说。
这可能是通过直接消息、电子邮件或勒索软件等恶意软件。无论哪种方式,黑客通常都会告诉您他们已经入侵了您,然后提供某种形式的证据。紧随其后的是某种需求,通常是
加密货币支付(cryptocurrency payment)形式的货币。
你该怎么办?(What should you do?)您应该知道的第一件事是,仅仅因为有人说他们已经设法破解了您,并不意味着情况就是如此。最近的一个技巧是通过电子邮件联系某人,然后向他们展示他们拥有特定帐户的密码。
这里实际发生的是诈骗者提取了一个旧密码,并希望吓唬你给他们钱或(money or something)真正有用的东西。如果他们真的可以访问您的帐户,他们会以具体的方式进行演示(例如加密您的整个计算机)。
因此,请登录相关帐户,更改密码并在可能的情况下激活双因素身份验证(two-factor authentication)。此外,如果任何其他帐户正在使用您受到威胁的密码,请立即更改它们。然后忘记这一切。另外,永远不要给这些人钱,这对你没有任何帮助,只会鼓励他们。
如果威胁是真实的,请联系
服务提供商(service provider)并让他们知道您的帐户已被劫持。如果您是勒索软件的受害者,该软件会加密您的数据并要钱,请减少损失。擦除机器并从备份中恢复数据。您还应该将最重要的信息保存在Dropbox 之类的东西中,这样您就可以在较长的(Dropbox)窗口期内(window period)回滚任何更改。
您无法登录
您被黑客入侵的最初迹象之一是您的帐户(account refuse)凭据无法正常工作。您已经仔细检查了,但仍然无法登录。很奇怪(Weird),对吧?嗯,这是一个非常明显的迹象,表明其他人拥有你王国的钥匙,这可能是一个非常严重的情况。
你该怎么办?(What
should you do? )这里正确的行动方案取决于几件事。如果可以,您应该立即启动密码重置(password reset)并更改密码。然后,如果服务提供它,请激活两因素身份验证。这意味着必须通过手机或电子邮件输入额外的一次性代码,但这是防止黑客入侵的一种非常有效的方法。
如果您的主电子邮件帐户(email account)已被黑客入侵,并且您在发生之前没有设置任何备份恢复选项,您需要立即与服务提供商(service provider)联系,以便他们可以暂停该帐户,然后验证您的身份。
不是你的活动
您(Are)的朋友是否因为您在Twitter 上(Twitter)发布的内容而向您发送消息?您(Did)的在线角色(online persona)是否突然向您的老板发送了一些非常 NSFW 的内容?
这是一个非常明确的迹象,表明您的帐户已被接管。您可以遵循与上述完全相同的建议,但也请务必在您的社交媒体帐户上发布通知,为内容道歉并否认自己。
你的浏览器叛逆
(Did)打开网络浏览器时,您是否注意到一些奇怪的事情?您通常的主页(home page)无处可见。相反,一些奇怪的新搜索引擎(search engine)坐在那里,像浴缸里不受欢迎的青蛙一样等着你。您尝试在地址栏中(address bar)输入搜索词,但这一切都只是将您重定向到那个奇怪的新站点。当您尝试访问您常用的网站时,地址和网站看起来并不像应有的那样。这是怎么回事?
这是黑客通过恶意软件实现的一种常见技术,称为浏览器劫持(browser hijacking)。您的浏览器已被入侵,您无法再信任它了。通常(Often),当浏览器被劫持时,您会被重定向到由创建恶意软件的黑客控制的虚假网站版本。然后,他们可以获取您的详细信息并使用您的姓名访问其他网站,例如在线银行服务。(online banking)
有时,目标只是将您的机器变成广告赚钱工厂(advertising money mill)。广告(Ads)会自动弹出并被点击。游戏系统并为那些广告商赚钱。不管是什么原因,这是一个非常糟糕的情况!
你该怎么办?(What Should You Do? )首先,您应该卸载自问题开始以来添加到系统中的所有软件。您还应该查找您不记得安装并删除它们的任何应用程序。
这通常不足以解决问题,因此在完成正常的卸载过程后,您需要使用恶意软件清除工具(例如Malwarebytes)来清除感染。
您的设备行为异常
上面的迹象非常明显,但您的设备的妥协通常会更加微妙。如果您的计算机一直很慢并且满负荷工作,这可能表明事情不正确。手机的电池电量消耗得更快吗?鼠标指针(mouse pointer move)是否自行移动或应用程序在您不执行任何操作的情况下打开和关闭?某些东西,例如您的防病毒软件,是否突然被禁用?
这些和其他类似迹象表明外部干扰,黑客以某种方式控制了您的系统。可怕(Scary),对吧?
你该怎么办?(What Should You Do? )首先(First),断开该设备与互联网的连接!如果有人主动向它发送命令,那么第一步就是切断该访问权限。其次,如果可以,请运行反恶意软件和防病毒软件(anti-malware and antivirus software)。
但是,最好的选择可能是恢复出厂设置或完全擦除并重新安装该系统(factory reset or complete wipe and reinstall of that system)。您甚至可能希望让专家清洁设备,以确保设备上没有任何东西可以再次为黑客打开窗口。
您的网络摄像头在不
使用时会(Use)亮起(Webcam Lights Up)
你有没有见过人们在电脑前的照片,在他们的网络摄像头上粘着一小块胶带?那是因为网络摄像头黑客攻击(webcam hacking)非常普遍,而您最不想看到的就是被监视!如果您注意到您的网络摄像头活动指示灯(activity light)在您不使用时亮起,请非常怀疑!
你该怎么办?(What Should You Do? )同样,我们要运行恶意软件和防病毒软件(malware and antivirus software)。您还需要查看网络摄像头的品牌和型号(make and model)是否已收到驱动程序或固件更新(driver or firmware update),其中可能包含针对黑客发现的任何安全漏洞的补丁。(security flaws)
如果您有可以关闭或断开连接的网络摄像头,则应仅在使用时将其打开。如果您有内置摄像头,那么这种胶带策略(tape strategy)也不错。
检查您是否是数据泄露的(Data Breach)受害者(Victim)
当保存您数据的大(或小)公司遭到黑客攻击时,可能需要数年时间才能使用该信息对您不利。通常公司甚至不知道它发生了,直到被盗数据被出售。幸运的是,您可以访问Have I Been Pwned,它维护着一个包含所有已知数据泄露的可搜索数据库(database of all known data breaches)。
只需输入您的电子邮件地址(email address),您就可以查看您是否已被入侵。如果您是受害者,请继续更改所有密码。事实上,您可能想要使用自动为您生成唯一强密码的密码管理器(password manager that auto-generates unique strong passwords)。
破解这个!
虽然网上有很多阴暗的人想要以普通人为目标谋取私利,但您不必视而不见。如果您注意并采取(attention and practice)良好的安全措施(security approach),您通常可以在任何严重损坏发生之前控制情况!
6 Signs That You’ve Been Hacked (And What To Do About It)
“I’νe been hacked” iѕ a common thing to hear
these days. Whether it’s someоne mistakenly referring to a random malware
infection or a person tryіng to walk back a regrettable social medіa poѕt, it’s
a term that gets thrown around a lot.
Getting hacked is, however, a real danger for modern day users of devices like computers, smartphones and tablets. There exists an entire underground of so called “black hat” hackers that profit from exploiting vulnerabilities in systems and human psychology. Identity theft and direct monetary theft are two common drivers of these criminal hackers.
The problem is that knowing you’ve been hacked
can be hard. It’s not like there’s a big flashing red light to let you know.
Which is why you should be aware of common signs that something isn’t right in
your digital world. Thus, here are the signs that you have been the unfortunate
victim of a hack.
A Hacker Tells You
We’re starting with the most obvious sign that
you’ve been hacked, which is simply being contacted by someone purporting to be
the hacker and having them say so.
This could be via direct message, by email or
through malware such as ransomware. Either way, the hacker will usually tell
you that they’ve compromised you and then provide some form of evidence. This
will then be followed by some sort of demand, often money in the form of a
cryptocurrency payment.
What should you do? The first thing you should know is that just because someone says they’ve managed to hack you, doesn’t mean that’s the case. One recent trick is to contact a person via email and then show them that they have their password for a specific account.
What’s actually happening here is that the scammer has pulled an old password and hopes to scare you into giving them money or something of real use. If they actually had access to your account they’d demonstrate it in a concrete way (like encrypting your entire computer).
So, log into the account in question, change
the password and activate two-factor authentication if possible. Also, if any
other accounts are using the password you’ve been threatened with, change them
immediately. Then forget all about it. Also, never ever give money to these
people, it will do nothing to help you and only embolden them.
If the threat is real, then contact the
service provider and let them know your account has been hijacked. If you’ve
been a victim of ransomware, which encrypts your data and asks for money, cut
your losses. Wipe the machine and restore data from backups. You should also
keep your most critical info in something like Dropbox, which lets you roll
back any changes for a long window period.
You Can’t Log In
One of the first signs that you’ve been hacked is when your credentials for an account refuse to work. You’ve double-checked and still can’t log in. Weird, right? Well this is a pretty obvious sign that someone else has the keys to your kingdom and that can be a very serious situation.
What
should you do? The right course of action here depends
on a few things. You should immediately initiate a password reset and change
your password if you can. Then, if the service offers it, activate two-factor
authentication. This means having to type in an additional one-time code from
your phone or via email, but is a very effective way to prevent hacking.
If your primary email account has been hacked
and you have not set up any backup recovery options prior to it happening, you
need to get in touch with the service provider immediately so that they can
suspend the account and then verify your identity.
Activity That Wasn’t You
Are your friends messaging you because of something you posted on Twitter? Did your online persona suddenly send some very NSFW content to your boss?
That’s a pretty clear-cut sign that your account has been taken over. You can follow exactly the same advice as in the point above, but also be sure to post a notice on your social media accounts apologizing for the content and disclaiming yourself.
Your Browser is Being Rebellious
Did you notice something strange when opening
up your web browser? Your usual home page is nowhere to be seen. Instead some
strange new search engine sits there, waiting for you like an unwanted frog in
the bath. You try to type in a search term in the address bar, but it all just
redirects you to that weird new site. When you try to visit your usual
websites, the address and site don’t look quite the way they should. What’s
going on?
This is a common technique hackers achieve
through malware, called browser hijacking.
Your browser has been compromised and you can’t trust it anymore. Often, when a
browser is hijacked, you are redirected to fake versions of websites that are
controlled by the hacker who created the malware. They can then capture your
details and gain access to other sites such as online banking services using
your name.
Sometimes the goal is to simply turn your
machine into an advertising money mill. Ads will pop up and be clicked on
automatically. Gaming the system and making money for those advertisers.
Whatever the reason, this is a pretty bad situation to be in!
What Should You Do? First, you should uninstall any software added to the system since the problems started. You should also look for any applications you don’t remember installing and remove them.
This is usually not enough to get rid of the problem, so after finishing the normal uninstall process, you then need to use a malware removal tool such as Malwarebytes to clean out the infestation.
Your Device is Acting Strangely
The signs above are pretty overt, but often a compromise of your device is a little more subtle. If your computer is constantly slow and working at full capacity, that could be a sign things aren’t right. Does the battery on your phone run out much more quickly? Does the mouse pointer move by itself or applications open and close without you doing anything? Are some things, such as your antivirus, suddenly disabled?
These and other similar signs point to outside
interference, with a hacker gaining control of your system somehow. Scary,
right?
What Should You Do? First of all, disconnect that device from the internet! If someone is actively sending it commands, cutting off that access is the first step. Secondly, if you can, run anti-malware and antivirus software.
However, the best option is probably to do a factory reset or complete wipe and reinstall of that system. You may even want to have the device cleaned by a specialist, to make sure that nothing remains on it that could open a window for the hacker again.
Your Webcam Lights Up When Not in
Use
Have you ever seen photos of people in front
of a computer, with a little piece of tape stuck over their webcam? That’s
because webcam hacking is surprisingly common and the last thing you want is to
be spied on! If you notice your webcam activity light coming on when you aren’t
using it, be very suspicious!
What Should You Do? Again, we want to run malware and antivirus software. You’ll also want to see if the make and model of your webcam has received a driver or firmware update, which may contain a patch for any security flaws hackers have found.
If you have a webcam that can be switched off or disconnected, you should only have it turned on when using it. If you have a built-in camera, well that sticky tape strategy is not a bad one.
Checking if You’re The Victim of
a Data Breach
When big (or small) companies who keep you data get hacked, it could be years before that information is used against you. Often the companies don’t even know that its happened until the stolen data is put up for sale. Luckily you can head over to Have I Been Pwned, which maintains a searchable database of all known data breaches.
By simply putting in your email address, you can see if you have been compromised. If you have been a victim, go ahead and change all your passwords. In fact, you may want to make use of a password manager that auto-generates unique strong passwords for you.
Hack This!
While there are plenty of shady people out on
the net who want to target regular people for personal gain, you don’t have to
take it lying down. If you pay attention and practice a good security approach,
you can often contain the situation before any serious damage is done!