Dr. Eric Steckler was rushing to get ready for an appointment with a patient when he saw an email in his inbox from PayPal. It was notifying him that a computer he had supposedly bought was being shipped to Austin, Texas. However, Steckler lives in Virginia.
The email included a transaction number for the purchase and a phone number—so he called the number to figure out what was going on. The person who answered offered to refund Steckler for the mix-up but said he would need access to his computer to do so. “It didn’t click into my mind: Why do they have to get into my computer to do a refund?” Steckler says.
After he was told how to grant remote access to his computer, Steckler says his screen went black, but he could see the computer cursor moving and something being typed. The “representative” on the phone then asked Steckler for the access code he received in a text message from his bank.
Then, the person on the phone said his team had mistakenly refunded him $28,000 instead of $2,800 and that someone was going to lose his job if Steckler didn’t help fix the mistake.
“I say, ‘Who are you? Are you really PayPal?” Steckler says. He could hear someone playing ping pong in the background, so he asked: “They let you play ping pong in the office?” The person hung up, and Steckler knew he had been hacked. He also knew that he had to act quickly to limit the damage.
What is hacking?
Hacking occurs when unauthorized access is gained to a computer, mobile device or entire computing system. Hackers can have a variety of motives, but they often have malicious intent when they break into computers. When they get access to individuals’ computers or mobile devices, they usually are after personal or account information for financial gain.
How do hackers get into your computer?
Antivirus software provider Norton estimates that 800,000 people are hacked per year. Hackers use a variety of methods to gain access to computers or mobile devices. Some of the most common ways they target individuals include the following:
Phishing: More than one-third of data breaches involve phishing, according to the Verizon 2022 Data Breach Investigations Report. Phishing involves emails or text messages that typically appear to come from legitimate organizations and prompt recipients to click on a link within the message. Those links either connect to fake websites or contain malware that can infect computers. The goal is to get victims’ account numbers, login credentials, Social Security numbers or other sensitive information to access their accounts or steal their identities.
Tech support scams: Hackers often gain access to computers by calling and claiming to be a computer technician with a well-known company. They claim that there is a problem with your computer and ask for remote access to fix it, according to the Federal Trade Commission.
They may use pop-up windows that will appear on computer screens and look like error messages or antivirus software. The messages typically include a number to call for help. However, real tech companies won’t ask you to call a number in a pop-up message or click on a link for help, according to the FTC.
Hackers also use online ads and listings in search results for tech support. Cybersecurity expert Adam Levin says that a guest on his podcast, What the Hack With Adam Levin, called the number on a sponsored ad that appeared in the search results when she was looking for solutions to a problem she was having with her Quicken software. The person she spoke with asked for access to her computer and said they would need three hours to fix the problem. As she was watching things happen on her computer screen, Levin says, “It finally dawns on her that she called the wrong people.”
Fake wireless access points: Hackers can create fake wireless access points to take advantage of people who use free public WiFi. If you connect to a wireless access point that hacker has set up, hackers can steal your online account usernames and passwords or even take control of your device.
Signs your computer is hacked
If a stranger claiming to be with tech support asks you to download software to access your computer remotely, you know your computer has been hacked. However, if you didn’t knowingly grant access to your computer, it still could be infected with spyware if you clicked on links in phishing emails, online ads or pop-up messages.
The following are among the signs that your computer is hacked, according to the FTC.
- Unusually slow computer performance or frequent crashes
- Frequent pop-up windows that prompt you to click on links or visit unusual websites
- Inability to shut down or restart your computer
- Inability to remove software
- Runs out of battery life quickly
- Changes to your home page
- New tools or icons in your browser or on your desktop
- Unknown programs that run when you start your computer
- Programs automatically connecting to the Internet
- A new default search engine or websites you didn’t open pop up
- Emails you didn’t write are sent from your account
- Changes to your account passwords
What to do if your computer is hacked
You need to take action as soon as you recognize that your computer has been hacked. Follow these steps.
Step 1: Disconnect your computer from the Internet to stop the hacker from accessing your computer remotely. If you use a wireless Internet connection for a computer with a Windows operating system, click the Internet access icon on the Windows taskbar at the bottom right of your screen and disconnect from your wireless network. For a Mac, click the wireless icon on the menu bar on the top right of your screen and turn AirPort off. If your computer is connected to the Internet through a wired Ethernet connection, unplug the Ethernet cable from the jack.
Step 2: Shut down your computer to prevent any further damage to it or access to your files.
Step 3: Get legitimate tech support. To identify whether your computer has been infected by a virus or malware and to repair the damage, cybersecurity expert Levin recommends getting professional help. “Don’t try to solve the problem yourself,” he says.
Contact your computer manufacturer’s tech support by visiting its website. There should be a “support” tab with contact information for technical support. Here are links for some of the major computer manufacturers:
If your computer or device manufacturer has a retail location nearby, you could take your computer there to get help. Or you could take it to a Best Buy location to get support through its Geek Squad service.
Your computer’s hard drive might need to be removed and scanned for infections. Data on the drive will need to be backed up onto another drive, and the operating system might need to be reinstalled. It’s not easy, which is why it’s best not to attempt it on your own.
Step 3: Change your passwords. Hackers could have gotten access to your email and online account passwords while snooping on your computer, especially if you had your login credentials saved at the various sites you visit. So you’ll need to change all of them.
Levin recommends using a password manager to generate strong, unique passwords for all of your online accounts. A password manager such as one that’s part of the Carefull service can generate and securely store all of your passwords. You’ll just need to keep track of the login credentials for the password manager.
Also, set up two-factor authentication for all of your online accounts. This will require you to use another verification factor such as a text message with a code you’ll need to enter in addition to your username and password. This makes it harder for hackers to access your accounts.
[ See: How to Protect Your Account Passwords ]
Step 4: Notify your financial institutions about any fraudulent transactions made by hackers. Let your bank or credit union know about any unauthorized transfers or withdrawals. If hackers gained access to your credit card numbers, cancel those cards and request new ones.
You have the right to dispute any unauthorized charges and can get your money back if you report the fraudulent charges immediately. The Federal Trade Commission has a sample letter for disputing credit and debit card charges. However, you don’t have the same protections if you initiated any payments to hackers—even if they conned you into making those payments. The payments would likely be considered authorized, and you might not get your money back.
When hackers accessed Steckler’s computer, they moved $28,000 from one of his bank accounts to another one of his accounts. “Luckily, no harm was done,” he says. However, he asked his bank to freeze his account to prevent further transactions.
Limit the damage
Even if you stop hackers from accessing your computer remotely or remove any viruses, you have to remain vigilant. There can continue to be fallout as a result of the information hackers might have stolen. So make sure you take these precautions.
Review your accounts. Review your bank and credit card accounts for unusual charges. Also, check any retail websites where you have accounts. For example, Steckler says he discovered that the thieves who hacked his computer bought two Amazon gift cards through his account.
Also, check your customer profile on your accounts to ensure that your personal information and security questions haven’t been changed by hackers. After being hacked, Steckler discovered on his online bank account that an unknown computer had been added to the account’s list of trusted devices—so he deleted that device.
Set up account, credit and identity monitoring. Levin says you need to keep constant tabs on your accounts to catch any suspicious activity. You can do this by signing up with your bank and credit card issuers to receive transaction alerts.
You also could use a service such as Carefull to monitor not only your financial accounts but also your credit and identity. Carefull monitors bank, credit card and investment accounts 24/7 for common money mistakes and signs of fraud and will alert you when it spots something unusual. It keeps constant tabs on your credit reports and alerts you to any changes, including new accounts that are opened in your name. It scours the Internet and dark web to detect misuse of your personal information. And it provides up to $1 million in identity theft insurance to help you recover your identity if it’s stolen.
Freeze your credit reports. Prevent hackers from using your personal information to open new accounts in your name by freezing your credit reports. Lenders can’t extend new loans or lines of credit in your name if they can’t access your credit reports.
To freeze your credit reports, you need to contact all three of the major credit bureaus:
[ See: Why You Should Freeze Your Credit Reports ]
Report the crime. If hackers got access to your personal information, report it to IdentityTheft.gov. This government website also will provide you with an individualized recovery plan. You also should file a report with local law enforcement and get a copy of the report, which you might need to dispute any fraudulent charges, accounts or other issues that result from your identity being stolen.
How to avoid being hacked
To protect yourself going forward, there are several things you can do to avoid being hacked and to limit the damage if thieves get access to your devices.
Don’t click on links in emails or text messages, even if the messages appear to come from a trusted source. If an email or text message is alerting you to an issue with one of your accounts, contact the company where the account is located directly by looking up the phone number on your account statements or company website.
Hang up on tech support calls or on any unsolicited calls requesting your personal information, access to your computer or immediate payment through a wire transfer, gift card purchase or other unusual form of payment.
After hackers accessed Steckler’s computer by claiming to be with PayPal, they called back twice. The first time, the person calling asked, “What are you going to do for me to release your computer?” Steckler says he immediately hung up. The next call he got was from someone claiming to be from the fraud department of the FBI. After hanging up, Steckler says he blocked the number.
Protect your devices by installing antivirus software on your computer. Turn on automatic updates to keep your computer’s software up to date. And make sure the Internet browser you use is the latest version.
With your smartphone, run any operating system updates as soon as you get reminders to do so. Only download apps from trusted sources, such as the Apple App and Google Play stores, and keep downloaded apps updated. Most importantly, create a strong passcode to access your phone so thieves won’t be able to get into it if it is lost or stolen.
Don’t use public Wi-Fi to log into your email, online accounts or social media accounts. If hackers have tampered with the wireless access point, they can gain access to those accounts and do lots of damage.
Back up your computer files on a USB flash drive and on the cloud. If you have a PC with Microsoft, you can download the free OneDrive desktop app to automatically sync your documents and folders to a cloud storage system. If you have a Mac, you can use the iCloud Drive. You also can use Dropbox to store files to the cloud.
Before his computer was hacked, Steckler actually had purchased a new computer. Because he knew a new computer was coming, he had backed up his files on a thumb drive. So he was able to import them on his new computer without worrying about any malware hackers might have installed on the computer they accessed.
Steckler, whose computer was hacked, says he gets multiple phishing emails a day and typically recognizes them as scams. Because he was in a rush, he let his guard down when he responded to the email that supposedly was from PayPal. “That’s the big message: Don’t rush,” he says. “It can happen to anybody.”
Before taking any action if you get an unusual call, email or text message, take a moment to ask yourself whether it could be a scam. Reach out to someone you trust to get a second opinion. Or do a quick search online for the word “scam” and the name of the company, organization or agency that supposedly is calling, emailing or messaging you.
[ Keep Reading: 10 Signs You’re a Victim of Fraud or Identity Theft ]