Imperfect

practice defensive computing

The following is a retelling of a desktop computer hacking incident and its aftermath. Some practices below can benefit other form factors like phones and tablets. It's not exhaustive but may serve as a good reminder of ways to practice defensive computing.

Let's say your Steam friend messaged you to try their new game out at a link they shared. It's time to answer some questions in your head.

If your answer to all of the above is no, then your friend's account might just be compromised. Instead of clicking that link, confirm what's going on either through them on another platform or other mutuals.

Let's say you click that link. While it's possible that just clicking a link alone can get you hacked, it's far more likely you will land on a spoofed login or download page. Further engagement on either page will lead to your credentials being stolen or a malicious payload being downloaded, if not run. Instead of proceeding, leave and don't return. If you suspect that any damage has been done, read on.

What if you not only get multiple account credentials phished, but are then extorted for money? At this point, your operating system can be compromised and a line of hackers may be running amok on your system.

Dealing with a scenario like this isn't fun. Whether warnings go out directly from you or your friend, or indirectly from your stolen accounts, much embarrassment and disappointment can arise from poor practices. What can be done?

Let's start with what not to do. Avoid typing anything that can be used to gain access to your account credentials. Avoid giving unnecessary network or device access to whatever or whomever is hacking you. That includes avoiding wasting time interacting with hackers, particularly those that send you PayPal links asking for money in foreign currencies.

Your goal now is to lock down your system and accounts, then salvage or blank slate whatever you possibly can.

If you still have a trusted antivirus like Windows Defender installed on your system, enable it if it's disabled and run as comprehensive a scan as you can. Yes, I mention Windows Defender since I expect mostly Windows users to suffer this fate by way of market share. However, at this severity, the same general advice applies to other operating systems too. Once it's done, let it clean your system as best as it can if it hasn't already done so.
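As an added example (not part of the original post), here is what that Defender step looks like when typed into an elevated PowerShell prompt on Windows 10/11: check the current state, re-enable real-time protection if it was switched off, refresh signatures, run a full scan, and list what was found. It assumes the built-in Defender PowerShell module is available and that tamper protection or a third-party antivirus is not blocking `Set-MpPreference`.

```powershell
# Added example, not the post author's own script.
# Assumption: run as Administrator on Windows 10/11 with Microsoft Defender present.
$status = Get-MpComputerStatus

Write-Host "Antivirus enabled:    $($status.AntivirusEnabled)"
Write-Host "Real-time protection: $($status.RealTimeProtectionEnabled)"
Write-Host "Signature version:    $($status.AntivirusSignatureVersion)"
Write-Host "Last full scan ended: $($status.FullScanEndTime)"

if (-not $status.RealTimeProtectionEnabled) {
    Write-Host "Real-time protection is off; attempting to turn it back on..."
    try {
        Set-MpPreference -DisableRealtimeMonitoring $false -ErrorAction Stop
    } catch {
        # Tamper protection or another AV product can refuse this change.
        Write-Warning "Could not re-enable real-time protection: $($_.Exception.Message)"
        Write-Warning "Turn it on under Windows Security > Virus & threat protection, then rerun."
    }
}

# Pull the latest signatures first so recently seen malware families are recognised.
Update-MpSignature -ErrorAction Continue

# A full scan walks every file on every drive; slow, but it is the most
# comprehensive scan available from this prompt. Start-MpWDOScan instead
# runs the offline (pre-boot) scan, which reboots the machine.
Start-MpScan -ScanType FullScan

# Show every detection Defender has recorded, newest first, so you know what was hit.
Get-MpThreatDetection |
    Sort-Object InitialDetectionTime -Descending |
    Select-Object InitialDetectionTime, ThreatID, ProcessName, Resources |
    Format-Table -AutoSize

# Summarise the threats by name; anything still marked active needs follow-up
# before this machine is trusted again.
Get-MpThreat | Select-Object ThreatName, SeverityID, IsActive | Format-Table -AutoSize
```

If the detection list is non-empty or real-time protection could not be re-enabled, treat that as confirmation that the reinstall advice further down applies.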

If you can't or won't run antivirus, turn off the affected device and switch to a safe device like a mobile phone or tablet.

If any sensitive accounts such as a bank account were hit, call and report the incident to the associated institution or business immediately. Then, log into all the accounts you possibly can and change your passwords. If you don't use a trusted, cross-platform password manager like the cloud-based Bitwarden or the local KeePassXC (which you manually sync to other devices), now would be a good time to start. These programs can help you create unique, hard-to-guess, and randomly generated passwords per account. You're not using the same password or insecure passwords across all of your accounts, are you?

While on your mobile device and tablet, add two-factor authentication (2FA) to as many accounts as you possibly can. The more accounts you can set up with app-based authentication instead of spoofable text-message and phone-call authentication, the better. Of course, 2FA requires the safety and security of your mobile devices and apps.

With enough damage, you will need to reinstall your operating system via install media, possibly after reformatting your drive. If you don't know how to do either off the top of your head, now would be a good time to refresh your memory. If you don't maintain and test offline and offsite backups regularly, you should start now.

Ultimately, the best fix and preventative measure for the above incident is adapting your behavior. If any doubt arises during your computing, pause and think about what your next action would look like if it were secure. Computing can be as safe or as dangerous as you make it. Proceed with caution.

I hope this post gets anyone into gear about improving their online security and behavior.
