Your Online Account(s) Got Hacked & You Are Locked Out: What Do You Do!?

Online security is becoming increasingly critical as more of our daily lives move onto the internet. If you believe one or more of your online accounts have been hacked or compromised, it’s essential to act swiftly. If you are locked out of an account, the situation becomes even more urgent. Below are detailed steps you can take to mitigate damage, regain control, and enhance the security of your other online accounts.

*Note: One takeaway from my own personal "getting hacked" experience is that the new "Verified" model that most social media platforms use now is being leveraged to push users into paying for the verification, just to receive any kind of personal support if they happen to have any problems or issues with their account. Going forward I recommend (and will personally practice) that you verify ANY and ALL online social media accounts that are important or critical to your life/work. You can use the services for free, but if you have an issue like an account hi-jack/take-over, it can be next to impossible to get ANY help if you are un-verified.

1. Report the Incident Immediately!

Reporting the compromise to relevant authorities and service providers is crucial. This not only helps you recover control of your account but also aids in preventing further damage.

• Local Police: If you suspect identity theft or fraudulent activity, file a report with your local police department. Keep copies of the report for further use.
• Websites or Software Providers: Contact the customer support teams of any websites or services involved in the breach. Most platforms like Google, Facebook, and financial services have processes in place to assist users in recovering hacked accounts.
• IC3/FBI: If the incident involves significant financial loss or cybercrime, file a report with the Internet Crime Complaint Center (IC3), which is a division of the FBI focused on internet-based crimes.

2. Recovering a Locked-Out Account:

If you are locked out of an account, follow these steps (and see further details at the end of the blog):

• Use Account Recovery Options: Most services offer account recovery options like email or phone verification, but this may not be safe if these are compromised. Prioritize recovery methods like trusted devices or backup codes (which many services provide when setting up 2FA).
• Contact Customer Support: If recovery options fail, reach out to the service provider’s customer support. Be prepared to verify your identity through personal information or past account details.
• Keep Documentation: If you’ve filed reports with the police or the IC3, share these reports with the service provider, as this may help speed up the account recovery process.

3. Secure Any Associated Payment Services

If you're completely locked out of an account, especially one that’s linked to financial services, take immediate action by logging into any associated payment services and removing access to the hacked site or account. For instance:

• PayPal
• Venmo
• eBay
• Banking apps or credit card accounts

This helps to stop any unauthorized transactions that could stem from the compromised account. Be sure to carefully review recent activity on these services to identify any fraudulent activity and report it to your payment service provider.

3. Change Passwords on Any/All Online Accounts You Have!

Once you've safeguarded your payment methods, it's essential to change your passwords across all your online accounts. Start with the most important and sensitive accounts first:

• Email Accounts: Your email is often the gateway to all your other accounts, so this is the highest priority.
• Financial Accounts: Banking, credit cards, PayPal, Venmo, CashApp, Zelle, etc.
• Shopping Platforms: Amazon, eBay, and any other sites where your payment information is stored.

Use strong, unique passwords for each account. Consider using a password manager to generate and securely store complex passwords, reducing the chances of reuse or weak password issues.

4. Monitor and Secure All Other Online Accounts

Even if only one account was compromised, hackers may have attempted to access other accounts through the use of the same password or linked email addresses. Take the following additional precautions:

• Review all recent account activity for suspicious logins or transactions.
• Revoke access to any suspicious devices or apps that are connected to your accounts.
• Update security questions and answers, ensuring they aren't easily guessable or derived from public information.

5. Setup, Use, and/or Check Any Credit or Data Monitoring Services

If you use any sort of data monitoring or ID monitoring service(s), this would be the time to check on them or even ask the provider to run an up-to-date check of your personal information.

• Guardio: We do use and recommend Guardia as an "Umbrella" service to not only monitor your personal information but also look for password leaks and even provide email/web filtering and monitoring. The service is not free, unfortunately. But their products and services have GREATLY helped us with similar issues in the past.
• Free Credit Monitoring such as Experian, Equifax, Credit Karma, the FTC, and other resources.

6. Enable Two-Factor Authentication (2FA)

Where available, always enable two-factor authentication (2FA) for your accounts. However, be cautious with the type of 2FA you use:

• Do not rely on 2FA through SMS or email, as these can be intercepted through SIM-swapping attacks or email compromises.
• Use an authenticator app such as Google Authenticator, Microsoft Authenticator, or Authy.
• Security Keys: For the highest level of protection, use your security key for 2FA on any accounts that support it.

Make sure to set up both security keys on all accounts that support them for redundancy in case one is lost or stolen.

7. Implement Security Keys for Two-Factor Authentication (2FA)

Using a security key (like a YubiKey) is one of the most effective ways to protect your accounts. Security keys provide an extra layer of security beyond traditional passwords by requiring physical confirmation for account access.

• Buy Two Security Keys: Setting up two keys ensures that if one is ever lost, stolen, or damaged, the backup key can be used to regain access to your account.
• Register Both Keys: Set up both keys on every account that supports their use (e.g., Google, Dropbox, Microsoft, social media, financial services, etc.).

8. Ongoing Protection and Monitoring

After recovering your accounts and enhancing their security, adopt good online security practices going forward:

• Use a Password Manager: This helps you create and store strong, unique passwords for all your accounts.
• Monitor Credit Reports: If financial information is compromised, regularly monitor your credit report for unusual activity. You can also consider placing a fraud alert or credit freeze.
• Watch for Phishing Attempts: Be especially cautious of phishing emails or texts that may follow a breach, as hackers may try to gain further information by impersonating legitimate companies or services.

By following these steps, you can effectively respond to an account compromise and significantly reduce the chances of future breaches. The key is to act swiftly, report incidents, and continuously improve your security practices.

Understanding Phishing and Social Engineering Attacks: A Deep Dive Into Modern Scams

Phishing and social engineering attacks have become increasingly sophisticated, targeting individuals and organizations intending to deceive and exploit. One of the most prevalent forms of social engineering is the fake tech support scam, where attackers pose as legitimate technical support representatives to gain access to personal information, financial details, or direct control of the victim’s computer. However, there are many other ways a scammer can convince someone into believing and going along with a targeted Scam. In this article, we’ll explore how these scams operate, their common tactics, and how you can protect yourself and others from falling victim.

How Online Scams Work

Initial Contact: The Hook

Scammers often initiate contact with potential victims through various channels, employing different tactics to lure them into the trap:

1. Cold Calls: The scammer calls the victim directly, impersonating a representative from a well-known company such as Microsoft, Apple, or a popular antivirus provider. They usually claim to have detected viruses, malware, or other critical issues on the victim’s computer.
2. Pop-Up Warnings: While browsing the web, the victim may encounter alarming pop-up messages. These pop-ups often mimic legitimate security alerts, claiming that the computer is infected and instructing the user to call a provided number for immediate assistance.
3. Phishing Emails: The scammer may send phishing emails that appear to come from reputable companies. These emails typically warn of security threats and urge the recipient to call for support or click on a link, leading them to a fraudulent website or direct contact with the scammer.

Convincing the Victim: The Bait

Phishing email attacks are designed to trick recipients into revealing sensitive information, such as passwords, credit card numbers, or other personal data. Below are some common examples of phishing email attacks:

1. Fake Account Security Alert:
   You receive an email claiming to be from your bank or another financial institution, warning you of suspicious activity on your account. The email urges you to click on a link to verify your identity or secure your account.
• What to Look For:
• Urgent language like "Your account has been compromised!" or "Immediate action required."
• Links that appear to be legitimate but lead to a fake website designed to capture your login credentials.
• Generic greetings like "Dear Customer" instead of your actual name.
• Protective Action:
• Do not click on links in the email. Instead, go directly to the institution’s official website and log in there to check your account status.
  
  
2. Impersonation of a Trusted Contact:
   You receive an email that appears to be from a colleague, friend, or family member asking for help or money. The email might claim that the sender is in trouble or needs urgent assistance.
• What to Look For:
• The sender's email address may look similar to the real one but have small differences (e.g., john.doe@examp1e.com instead of john.doe@example.com).
• Requests for unusual actions, such as purchasing gift cards or transferring money.
• Poor grammar or language that doesn’t sound like the person you know.
• Protective Action:
• Contact the person directly using a different method (like a phone call) to verify the request before taking any action.
  
  
3. Fake Invoice or Payment Request:
   You receive an email from a supplier or service provider claiming that you owe money for an invoice that you don’t remember. The email includes a link or attachment to view the invoice
• What to Look For:
• Unfamiliar sender or details about a purchase you don’t recall.
• Attachments that might contain malware or links to phishing websites.
• Pressure to make a payment quickly.
• Protective Action:
• Verify the legitimacy of the invoice by contacting the supplier directly using known contact information. Do not open attachments or click on links in the email.
  
  
4. Job Offer or Employment Scam:
   You receive an email offering a job opportunity with an attractive salary or benefits, often asking you to provide personal information or pay a fee upfront.
• What to Look For:
• Unsolicited job offers that seem too good to be true.
• Requests for personal information like Social Security numbers or bank details early in the process.
• Professional-looking emails but with poor grammar, odd formatting, or vague job descriptions.
• Protective Action:
• Research the company independently, and avoid sharing personal information until you have verified the legitimacy of the job offer.
  
  
5. Delivery Notification Scam:
   You receive an email claiming that a package delivery attempt failed and that you need to click on a link to reschedule delivery or update your shipping information.
• What to Look For:
• A sender claiming to be from a delivery service like UPS, FedEx, or DHL.
• Links to websites that are not the official delivery service's domain.
• No specific details about the package, such as the sender's name or tracking number.
• Protective Action:
• Visit the delivery service’s official website and enter your tracking number manually, or contact the service provider directly to confirm the delivery status.
  
  
6. Phishing for Credentials:
   You receive an email that appears to be from a service you use (like Google, PayPal, or Netflix) stating that there’s a problem with your account. The email includes a link that directs you to a fake login page designed to steal your username and password.
• What to Look For:
• Emails that urge you to "confirm your account" or "update your payment information" immediately.
• Links that, when hovered over, show a different URL than the official site.
• Fake login pages that mimic the real site but have slight differences in the URL.
• Protective Action:
• Never log in through links in unsolicited emails. Instead, navigate to the service provider’s official website manually to check your account.
  
  
7. Tax Scam Emails:
   You receive an email purporting to be from the IRS or another tax authority, claiming that you are due a refund or owe additional taxes. The email instructs you to click a link to provide your financial details.
• What to Look For:
• Emails from government agencies, especially those asking for personal information.
• Claims that you are entitled to a refund or need to pay taxes urgently.
• Requests for sensitive information like your Social Security number or bank account details.
• Protective Action:
• The IRS and most government agencies do not initiate contact via email. If you receive such an email, report it to the appropriate authorities (like the IRS at phishing@irs.gov).

Gaining Remote Access: The Trap

Scammers often will try to gain remote access to a victim's computer or online accounts, giving them control and the ability to steal personal information, install malware, or commit fraud. Here’s a basic rundown of how these scams work:

• Creating Urgency: To make the victim anxious and more likely to comply, the scammer uses technical jargon and alarming language. They might say that immediate action is needed to prevent severe damage or data loss.
• Gaining Trust: The scammer may instruct the victim to perform simple tasks on their computer, such as opening the Event Viewer, which naturally shows error messages. They use this to "prove" the computer is compromised, even though these messages are normal and harmless.
• Requesting Remote Access: The scammer then persuades the victim to install remote access software (like TeamViewer, AnyDesk, or LogMeIn). This software allows the scammer to take control of the computer as if they were physically present.
• Exploiting Access: Once they have control, the scammer might:
• Install malware to steal personal information.
• Access online accounts, such as banking or email.
• Demand payment for their "services" or for fixing the supposed problem.

Continued Exploitation: The Aftermath

Even after the victim has paid, the scam may not end. The scammer might leave behind software that allows them to regain access to the computer later, or they might sell the victim’s information to other scammers, leading to further fraud attempts.

Protecting Yourself Against Phishing and Social Engineering Attacks

Be Skeptical of Unsolicited Contact

Legitimate companies rarely contact customers out of the blue about computer issues. If you receive an unsolicited call, pop-up, or email, be cautious. Do not provide any personal information or grant remote access to your computer.

Verify Claims Independently

If you encounter a warning or receive a message claiming there’s an issue with your computer, do not trust it without verification. Use official channels to verify the legitimacy of the claim. For example, look up the company’s official contact information and reach out to them directly.

Do Not Allow Remote Access

Never allow someone you do not know or trust to control your computer remotely. Legitimate support personnel will only ask for remote access if you have initiated the contact through verified means.

Use Reputable Security Software

Ensure that your computer is protected by up-to-date antivirus and anti-malware software. Programs like Malwarebytes Anti-Malware are excellent tools to detect and remove potential threats.

Educate Yourself and Others

Awareness is key. Educate yourself about common scam tactics and share this knowledge with friends and family, particularly those who may be less tech-savvy.

What If You’ve Fallen Victim to a Scam!?

If you’ve fallen victim to an online scam, acting quickly is important to minimize potential damage. Here’s what you should do:

1. Stop All Communication
• Immediately cease any communication with the scammer. Do not respond to emails, messages, or calls.
2. Disconnect from the Internet
• If the scam involves remote access to your computer, disconnect from the internet immediately by unplugging your ethernet cable or turning off your Wi-Fi. This prevents the scammer from accessing your system further.
3. Change Passwords
• Change the passwords for your online accounts, starting with your email, banking, and any accounts where sensitive information is stored. Use strong, unique passwords for each account, and consider enabling two-factor authentication (2FA) where possible.
4. Contact Your Bank or Credit Card Company
1. If you’ve provided financial information or made payments, contact your bank or credit card company immediately to report the scam. Request that they monitor your account for suspicious activity and possibly issue new cards.
5. Check for Unauthorized Activity
• Review your bank statements, credit card accounts, and online accounts for any unauthorized transactions or changes. Report any suspicious activity to your financial institution or the respective service providers.
6. Remove Any Installed Software
• If the scam involves installing software on your computer (such as remote access tools), uninstall it immediately. Go to `Control Panel > Programs > Programs and Features` to uninstall the software, and then check Task Manager (`Ctrl + Shift + Esc`) for any suspicious startup entries.
7. Scan for Malware
• Run a full system scan using reputable antivirus and anti-malware programs like Malwarebytes Anti-Malware. This will help identify and remove any malicious software that the scammer might have installed.
8. Report the Scam
• Report the scam to the relevant authorities. In the United States, you can file a report with:
• The Federal Trade Commission (FTC) at [ReportFraud.ftc.gov](https://reportfraud.ftc.gov/)
• The Internet Crime Complaint Center (IC3) at [www.ic3.gov](https://www.ic3.gov/)
• Your local law enforcement agency.
9. Monitor Your Identity
• Keep an eye on your credit report and consider placing a fraud alert or credit freeze with the major credit bureaus (Equifax, Experian, and TransUnion) to protect against identity theft.
10. Educate Yourself and Others
• Learn about common scams and share this information with friends and family to help protect them from similar threats. Awareness is one of the best defenses against online scams.
11. Consider Professional Help
• If you’re unsure about the extent of the damage or how to secure your system, consider seeking professional assistance. Pacific Northwest Computers in Vancouver, WA, can help you secure your system and recover from a scam. You can contact them at 360-624-7379 for further assistance.

Conclusion

Phishing and social engineering attacks, such as fake tech support scams, are a significant threat in today’s digital world. By understanding how these scams operate and taking proactive steps to protect yourself, you can avoid becoming a victim. Always be skeptical of unsolicited contacts, verify claims independently, and never allow remote access to your computer unless you’ve initiated the contact through verified channels. If you do fall victim, act quickly to secure your computer and seek professional help to ensure your personal information remains safe.

Pacific NW Computers

www.linktr.ee/pnwcomputers

www.pacificnwcomputers.com

I think someone is accessing my accounts and/or devices! What do I do!?

If you suspect someone is accessing your accounts and/or devices, quickly securing them is crucial. Here are steps to check if your devices or accounts are being monitored or accessed by a 3rd party; and how to secure them!!

Check If Somone Has Access To Your Accounts and/or Devices:

1. Check for Unusual Behavior Being Exhibited By Your Device(s):

   • Unexpected battery drain.
   • Data usage spikes.
   • Overheating devices.
   • Unusual pop-ups or applications.

2. Review Account Activity:

   • Check recent activity on your accounts to see if there are any unauthorized logins or changes.
   • On Gmail: 
   • Go to “Details” at the bottom of your inbox.
   • On Facebook: 
   • Settings > Security and Login > Where You're Logged In.
   • For other services, look for similar settings.

3. Check Connected Devices:

   • Review the list of devices connected to your network or online accounts (Google, Apple, etc) and remove any devices that you do not recognize.

4. Review Installed Apps:

   • Go through your installed applications and look for any apps you don't recognize or remember installing.
   • On Android: Settings > Apps.
   • On iOS: Settings > General > iPhone Storage.

5. Check Permissions on/of Your Device(s):

   • On Android: Settings > Apps > [App Name] > Permissions.
   • On iOS: Settings > Privacy > [Permission Type] (e.g., Location Services, Camera).

6. Update Your Software:

   • Ensure your device's operating system and all apps are up to date, as updates often include security patches.
   • On Android: Settings > Software Update.
   • On iOS: Settings > General > Software Update.

7. Run Security Scans:

   • Install and run Malwarebytes Anti-Malware to detect any malicious software.
     • Malwarebytes for Android
     • Malwarebytes for iOS

Steps to Secure Your Accounts & Device(s):

1. Change Your Passwords:

   • Update passwords for all accounts linked to your devices.
   • Use strong, unique passwords for each account.
   • Consider using a password manager.

2. Enable Two-Factor Authentication (2FA):

   • Set up 2FA for all accounts that support it to add an extra layer of security.

3. Logout from All Devices:

   • Sign out of all devices for each account. This will force any unauthorized users to log back in, prompting 2FA if enabled.
   • Look for "Log out of all devices" or similar options in account settings.

4. Reset Your Device:

   • Factory reset your device to ensure no malicious apps remain.
   • Backup important data before resetting.
   • On Android: Settings > System > Reset > Factory data reset.
   • On iOS: Settings > General > Reset > Erase All Content and Settings.
   • After resetting, only reinstall apps from official app stores and trusted sources.

5. Monitor Account Activity:

   • Regularly check account activity for any unauthorized access or changes.

Notify & Seek Help:

1. Notify Account Providers:

   • Contact the support teams of the services where you suspect unauthorized access. They can help secure your account and investigate any breaches.

2. Consider Legal Action:

   • If you believe your privacy is being violated or if there are any illegal activities, contact local law enforcement for assistance.

3. Get Professional Help:

   • For further assistance in securing your accounts and devices, contact Pacific Northwest Computers in Vancouver, WA. We can provide professional help in securing your digital presence. Reach us at 360-624-7379.

Additional Tips:

• Use a Password Manager: Consider using a password manager to generate and store complex passwords securely.
• Regularly Monitor Accounts: Keep an eye on your account activity and be alert to any suspicious behavior.
• Educate Yourself on Security: Stay informed about online security practices to better protect your digital life.

By following these steps, you can regain control of your accounts and devices, enhancing your overall security. If you need personalized assistance, don't hesitate to reach out to professionals for help!

Pacific NW Computers

www.linktr.ee/pnwcomputers

www.pacificnwcomputers.com

Had a Data Breach or Experienced a Computer/Network Hack or Attack?! Here's What To Do!

What To Do If You Have a Data Breach or Experience a Computer/Network Hack or Attack!

Despite your efforts to control access, track assets and create secure procedures for your network, online accounts, and computer systems. Data breaches, Server Attacks, Network Attacks, Account Hi-Jacks, you name it! It can happen, and it does happen. Knowing what to do if you suspect or actually have a problem can make the difference between a minor inconvenience, and a disaster that interrupts your ability to do business! The following steps can help you recover after a breach or hacking incident. The faster you can recover, the sooner you can get back to business!

1. Stop the Breach/Stop the Attack:
   Isolate any devices or systems that have been identified as being a part of the breach and/or attack. If the hacker has used an email or account to access your systems, close them down to prevent further damage. If a specific computer is infecting other systems on the network, disconnect its network connections and get it offline. Ultimately, the faster you can restrict access to the systems, computers, and or accounts that have been affected, the less damage a hacker can do.
   
   
2. Examine the Damage:
   You’ll need to determine the extent of the damage and which systems,  accounts, or users are suspected of being compromised, and which systems are confirmed secure. When you know what has actually been accessed, and what/who has been attacked, you will be better equipped to deal with the overall situation.
   
   
3. Restore your Systems:
   Once the threat has been addressed, you can restore your systems, network, etc so you can continue your normal day-to-day work. If you have a DRaaS or BaaS system in place, your provider will be able to help you recover any lost, stolen, or deleted data quickly. If you don't have any backup systems in place for your critical data, try to work with your in-house IT team to attempt data recovery, and get things back up and running as fast as possible. If you realize you are in over your head, engage with an IT solutions company like Pacific Northwest Computers to help remedy security issues and implement data protection plans for the future.
   
   
4. Perform an Audit:
   Determine how your systems, online accounts, email accounts, etc were accessed. Go over your response to stopping the breach, and the effect the attack/response had on your business. Once you know the answers to those questions, you can make better decisions on how to move forward and be better prepared for the future.
   
   
5. Learn From Your Mistakes:
   After the initial shock has passed and your system is back on track, work with your IT team and or an outside IT company such as Pacific Northwest Computers, and establish a plan to prevent further issues, as well as set up any further needed "safety nets" to limit downtime, enable a quicker response, and prevent any data loss as well as have a system to get data back as quickly as possible. This will lower your risk of further attack as well as better prepare yourself if another attack was to occur. That alone is worth the peace of mind!
   
   For example, If your attacker got in via your email or by exploiting a poorly chosen password, retrain employees to better protect your network. If the attacker used a lost or stolen device, you may need to address inventory tracking. If data was stolen, held for ransom, etc. you have a backup plan for all of your important and critical data! Plus much more.

As always, if you need help with anything, just give us a call, send us a text, or send us an email!!

Pacific NW Computers
360.624.7379
503.583.2380
www.pnwcomputers.com
www.linktr.ee/pnwcomputers.com