Hackers do the most damage when they fly under the radar, so to speak. Why? Because the longer they remain undetected, the more damage they can ultimately do.
If a user doesn't know their machine has been compromised, they will assume it is secure. Therefore, it behooves a hacker to use subtle techniques to break into your personal PC or company IT network. It isn't always easy to determine if your machine is secure.
That said, there are a few telltale signs that your cybersecurity measures have failed to keep a hacker out. If you suspect a malicious hacker has broken into your IT network, use this list as a guide to investigate the issue further.
#1 Ransom Message
This one is pretty obvious. Ransomware can infect PCs in a number of different ways. Hackers often deploy these as links in emails, but there are other ways. Some will go so far as to embed the software in a seemingly innocuous file like a Word or Excel document. Once the user downloads the attachment, the infection gets to work encrypting files on your PC.
Once active, ransomware quickly encrypts every file it can find. The entire process could take less than 30 seconds. Once this process is complete the ransomware will place a message on the desktop. This message informs the user the infection is active and provides instructions to pay the hacker in exchange for the decryption key.
What to do:
Contrary to popular belief, not all ransomware is difficult to remove. PCWorld has an excellent guide on how to clean up simple ransomware infections on your own. However, we always recommend talking to an IT professional for assistance in restoring your PC. They can help ensure the infection is completely removed and that your PC is safe to use.
#2 Fake antivirus messages
Have you ever seen a message on your desktop from an antivirus program you did not install? What you saw is most commonly referred to as scareware. These are malicious programs that pose as legitimate antivirus programs. These pop-ups fool the users into thinking their machine is already infected, and that the scareware is the only solution to that infection. The actual infection begins after the user purchases and download the fake antivirus. Lifewire has a great article on scareware with several example pictures.
What to do:
Scareware isn't as commonplace as it once was, but that does not make it less dangerous. A successful attack is considered the holy grail of hacks. Not only can the thief access the user's machine, but the user actually paid the hacker to do it, so he has the user's credit card information too.
#3 Unwanted browser toolbars
Does your browser suddenly have new toolbars that you did not install? This is another clear-cut sign of a compromised computer. Sometimes the toolbars have names that suggest they might be helpful. Do not be deceived. While there are many helpful and legitimate toolbars available to enhance most browsers, only trust toolbars from reputable vendors.
What to do:
These can relatively straightforward to fix. Most browsers have a settings menu with a line for toolbars and other 3rd party browser extensions. Scroll through the list, find the toolbar in question and then remove it from your browser. If you are unable to remove it, check to see if your browser offers the option to reset to its default configuration.
Generally speaking, these infections are easy to prevent. Keep your browser updated and patched, and avoid clicking on ads for browser tools, unless it’s from a well-known and reputable vendor. Stick to that plan and you should be just fine.
#4 Redirected internet searches
This red flag is closely related to #4 on this list, particularly because they often work hand-in-hand. These are commonly referred to as browser redirect viruses. It’s not always easy to spot, but one sign of being hacked is re-directed internet searches. Run a variety of search queries through your browser. Do you see the same results appearing no matter what terms you search? If so, you have what is most commonly referred to as a browser redirect virus.
Some hackers make a very good living by breaking into a computer, and then manipulating it to search for pre-defined websites. The goal is to get the user to click on an ad on a specific site, generating ad click revenue for the hacker.
What to do:
Often it is a malicious toolbar that does the actual re-directing. As we mentioned in #4, the best defense is to keep your browser updated and avoid suspicious-looking browser extensions.
#5 Frequent random pop-ups
Frequent, randomly occurring pop-ups are also a pretty clear sign you’ve been hacked. But “random” is the key word to remember. After all, websites show pop-up ads all the time, usually after you scroll or click on something. We’re talking about pop-ups that appear on your desktop, on their own, with no rhyme or reason. This is especially true if you see them on websites that do not typically display pop-up ads.
What to do:
Again, the solution to this falls in line with those of the previous three red flags. The pop-ups typically come from malicious toolbars and/or fake antivirus (scareware) programs. Get rid of those and the pop-ups should go away. If you’ve already gone about removing these infections and are still getting pop-ups, you might consider doing a hard reset. Seek out a reputable IT support professional for an expert recommendation.
#6 Your online password isn't working
If you cannot access an online account (banking, shopping, social media, etc.) and are absolutely certain you’re using the correct password, you may have been hacked. If you experience this, we recommend waiting 15-20 minutes and trying again. The website you’re trying to reach could be down or experiencing an error. However, if you’re sure this is not the case, then you need to act immediately. A fraudster has logged into a platform using your credentials, and then changed the password to keep you out while they wreak havoc with your personal information.
What to do:
More often than not, this is the result of a successful phishing attack. We won’t cover them in detail here, but we do have other resources available to you if you’d like to learn more. That said, there are three steps you should take right away:
- If the account in question is social media, the hacker may be trying to scam your contacts, posing as you. Find alternative methods to reach out to these contacts. Warn them not to engage with messages from that account.
- Once you’ve prevented more damage, contact the site or service and inform them that your account has been broken into. They will take steps to begin resolving the situation and returning the account to your control.
- Think of the password you had set for the compromised account, prior to the hack. Have you used that password elsewhere? If so, you should change those immediately, and stop reusing passwords.
#7 Your friends receive social media invitations that you did not send
This is closely tied to #6 above, and the steps to resolve it are the same. If your friends are receiving any communication you did not personally send, social media or otherwise, this is likely a fraudster.
What to do:
Follow steps 1-3 from #6, above. Generally speaking, those steps should always be your first response when/if you detect your personal information security has been breached.
#8 Your online account is missing money
Another pretty obvious one. If any of your online banking accounts are missing money, this could be a surefire sign of a hacked account. That being said, first you’ll want to make sure that it is, indeed, a hacker and not a bank error. Call your bank and ask them to look into the suspicious transaction(s). If the missing funds are the result of a fraudulent transaction, the bank will direct you through the proper steps to protect your finances and personal information.
#9 Your mouse moves on its own, making correct clicks
This one is almost blatantly obvious. Is your pointer moving all on its own? More importantly, is it moving randomly, or in a controlled fashion, making correct clicks? If this is the case your computer has most been compromised by a hack of some kind, and you’re going to need professional help to get this fully resolved.
What to do:
If this is a company computer, report the issue to your IT support team immediately! They are trained professionals and will take appropriate steps to get the matter resolved.
If this is a personal computer, however, you’ll need to get this process started on your own. Take notes about what the pointer was doing, or what the hacker may have been after. Next, power off the machine, and unhook it from the network. Skilled hackers can often turn a computer back on remotely if the network cable is still plugged in. Take it to an IT repair professional and have them restore it to factory defaults. Finally, using a different machine, change your logon information to all of your accounts.
This will no doubt take some effort to recover from, but it is essential that you take this type of attack very seriously. Nothing short of a full reset will do to resolve this type of issue.
#10 Anti-malware software, task manager, or registry editor is disabled and cannot be restarted
If your anti-virus or anti-malware system is turned off and you did not do it, this is a pretty solid indicator that your system has been hacked. Malware will often try to disable to slow down these programs, primarily because these are the tools you need to defeat the malware infection itself.
What to do:
The best thing to do here is a hard reset. Unless you know categorically that the infection has been deleted and your computer is once again secure, it’s the only option we would recommend. If a system restore is absolutely out of the question, talk to your IT department or find a local computer repair shop. For a fee, they may be able to root out the infection while leaving the rest of your data intact.