So I've been hacked - what do I do about it?

It was the great philosopher Homer Simpson who said "It takes two to lie. One to lie, and one to listen".

In the same vein, computer crime requires both a miscreant and a victim. The chances are that if you have fallen foul of some computer skullduggery in the past, that the miscreant didn't manage this without your help.

Web Safety Guru computer training cannot prevent criminals from trying to attack you but it can help you reduce the chances of an attack succeeding and it can help limit the damage if you do get unlucky.

The tuition I provide will help protect you in many ways. You'll learn about stronger passwords, spotting scam emails, viruses and malware, cookies and privacy, safety on social media and more.

In this article I'll discuss the approach you should take if you are unlucky and fall victim to some form of computer crime.

Let's start with two pieces of advice which are useful in most situations in life: 1. Don't Panic. 2. Have a plan.

Don't panic

Scam emails often try to induce panic in their intended victims. They may threaten severe consequences: your bank account may be frozen, your insurance may expire, you may be prosecuted. This will be combined with a really tight deadline which is designed to reduce your time to think. A classic of the genre is the blackmail email which threatens to send out a compromising video of you to all of your contacts unless you pay a ransom in bitcoin within 48 hours.

On almost every occasion you can rationally deduce that the email is not genuine, so long as you have time to do so, and are not panicking.

Always have a plan

In my web safety training, I'll be conveying the idea that you should work to a plan for each type of threat you face.

For example. You have discovered that one of your passwords has been compromised. What do you do first?

Many people would immediately say "change the password" however the answer really depends on how the password came to be compromised. For example, if your password was stolen because your device was infected with a keylogger, changing the password would achieve very little because the keylogger would then have access to your new password as well.

So the first step should be working out how the password came to be stolen. There are many possibilities: somebody guessed your password because it was too weak; you fell victim to a phishing attack; your computer was infected with malware; you gave away relevant information on social media; you were intercepted while logging in on a public network; the password was stolen not from you but from the server you logged into. Until you know otherwise you should make the assumption one or more of your devices is infected. Kick off a virus scan on all your relevant devices. If you wish to change your password ASAP, fine but change it to something temporary and be prepared to change it again once you have completed your investigations. Make sure this new password is not used by any other account you own.

If it turns out you do have a keylogger, you must remove this before setting your long-term password. You may need to review your anti-virus strategy. You should also attempt to discover how you got infected with the keylogger so you can avoid the situation repeating itself. Your plan should also include points like not logging onto any other sites until you've established that your computer is uninfected (otherwise you are risking more of your passwords falling into enemy hands).

It's vital to know which of your other accounts are at risk (i.e. that have the same password as the one that's been stolen) and make preparations to update those also. You may need to inform contacts that you have been hacked, for example if it was your Facebook account you will want your friends to be on the lookout for suspicious activity coming from 'you'. You won't want your friends suffering the same fate as you.

I used this example as it demonstrates that everything I cover in the Web Safety Guru security tuition is linked. There's more than one way of getting hacked and there's more than one way of getting a virus.

The key to minimising the damaging effects of a security breach is in keeping a cool head and being methodical in sticking to a plan for each situation.


Web Safety Guru offers one to one computer training designed to keep you safe online.

We'll discuss: passwords and security, email scams, viruses and malware, cookies and privacy, safety on social media and safety on public networks.

Visit the homepage to learn more about the options for Zoom courses and home tuition.