How to Tell if Your Computer Has been Hacked and What to Do to Fight Back?
One of the worst fears that most computer users have (or should have) is the fear of their computer being hacked.
However, do you know how to tell if your computer has been hacked or what to do in that case?
In this article, we are going to explain why hackers want to hack your computer or phone, how to recognize if you’ve been hacked and finally what to do in this situation.
Why Do Hackers Want to Hack You?
Hackers target businesses in order to steal their financial data and customer data and either leak them or ransomware the company for money, or for some other agenda like disrupting their service, or they have political or activist motivations to do so.
But when it comes to personal computers, the reasons could be a bit different (although some reasons, like ransomware, still apply).
In this case, hackers want to hack you to:
- Use Your Computer
Hackers can use a hacked computer in several ways:
- As a storage device for pirated software, pornography, hacking tools and other unlawful materials they don’t want to have connected with them.
- As a part of a DDoS (Distributed-Denial-of-Service) attack. This way hackers can disrupt the normal traffic of a server or network by flooding it with too much traffic and your hacked computer is helping them in it.
- To use it as an IRC server. This is like using your computer as a safe place where cybercriminals can talk about their activities without using their own servers.
- Turn your computer into a part of a botnet. This is called a “bot” or a “zombie”.
- For Fraud and Other Criminal Gain
Another reason hackers want to hack you is to get your passwords and other sensitive information like financial data. With this, they can fraud you in many ways.
In addition, having your data allows them to do a number of credit card frauds, like setting up a fake e-commerce site to collect credit card details.
- To Prove They can Do it
Hackers weren’t always all about money. In fact, the first “hackers” were MIT students from the 1960s who created programming shortcuts, aka “hacks” to complete computing tasks faster. One such “hack” is UNIX.
- For Other Reasons
Of course, there are numerous other reasons why hackers will try to hack your computer. This image shows a few of them:
How to Tell if Your Computer has been Hacked?
Now that you know “why” hackers will try to hack your computer, it’s time to learn how to tell if your computer has been hacked.
There are a few tell-tale signs of this:
- You Have New Programs Installed on Your Computer
If you are seeing new programs and apps installed on your computer or phone that you are sure that you didn’t install, you are likely hacked.
In particular, hackers will install trojans or backdoors, but also malware, spyware, rogue anti-virus programs, or IRC clients.
However, keep in mind that the appearance of a new program on your computer doesn’t necessarily mean that it’s been hacked.
There are several legitimate reasons why this could happen:
- As part of a program or OS update
- If they came bundled with other programs that you did install (like a toolbar as part of a plugin)
- Someone who used your computer installed it
- An Unknown Program is Requesting Access
Continuing with the unknown program theme, another indication of your computer being hacked is if programs you don’t recognize suddenly start requesting firewall access or access to the Internet.
If that happens, it’s best to block access to that program and remove them.
- Your Security Programs are Uninstalled
However, removing said rogue programs might not be that easy, especially if your firewall has been disabled or your regular security programs like your antivirus or anti-malware have been removed.
By doing this, a hacker can move much easier around your system and do what they want. Think about it like not having a lock on your door.
- Your Passwords Have been Changed
One more sign that your computer has likely been hacked is if your passwords suddenly get changed.
Passwords don’t change themselves and this includes both your local computer passwords and your online account passwords (like your email password for example).
- There are New Toolbars or Your Entire Browser Homepage has Changed
If your Internet browsing experience changed in any way, like having a new web browser homepage or seeing a new toolbar that you didn’t install, this is a good indication that you’ve been hacked.
In fact, you are likely dealing with a browser hijacker.
This is a rogue software that usually comes together as part of a freeware software and installs itself without your knowledge or permission. Luckily, it should be relatively easy to uninstall it.
- Your Computer is Doing Things on its Own
Okay, while the other signs here are not 100% sure that your computer has been hacked, one is a “no doubt about it”.
That’s if you see your computer start doing things itself. For instance, you could see your mouse cursor moving, programs opening, or text being typed without you doing anything.
This means that your computer is hacked at the root level.
- Your Internet Activity is Slower than Normal
In order to hack your computer, hackers will need to remotely connect to it. This usually results in a slower Internet speed.
But how to know if your slower Internet speed is actually the result of a hacked computer or is just the case of your ISP being a jerk and throttling it?
Use a bandwidth monitor to see which programs are using the most bandwidth on your device. If you see a program that takes an exorbitant amount of bandwidth that it has no business doing, you are likely hacked.
- Your Data is Exposed in a Data Breach
Just in the first three months of 2021, we have already seen several major data breaches, including Mimecast, Pixlr, T-Mobile, Microsoft Exchange and more that you can read about here.
However data breaches don’t happen only to companies and individual users can also be victims, so you might want to check a site called Have I been Pwned to make sure.
- Money is Missing from Your Account
Seeing money missing from your bank account is the worst and if you notice this, or some other strange activity, like signing up to services you didn’t sign up to, or receipts for items and services that you never ordered and are not delivered, it means that your computer could be hacked.
More precisely, you are being a victim of credential theft, which probably resulted from malware being installed on your device.
- Spam is Being Sent from Your Email
You might not be aware that your email is being used to send spam messages and to spread viruses and malware, but if your friends, coworkers or other contacts tell you that they are receiving strange emails from you, you should act quickly and change your email password.
Additionally, this could also mean that your email has been “spoofed”, so it’s a good idea to know more about spoofing and how to prevent it by checking this article.
What to Do if You Have been Hacked?
So let’s say you have been hacked for sure. Now what? Can you fight back?
Of course, you can and here’s how:
- Isolate the Computer
The first thing you need to do to get full control of your computer again is to sever the hacker’s connection to it.
The best way to do this is to isolate your computer from the network.
This means turning off the WiFi connection and even physically pulling off the network cable. Don’t do this using any programs or software as they could be “lying” and tell you that you’re disconnected when in reality you are not.
Only once you’ve isolated the computer can you move on to other steps here.
- Scan the Drive
Even if you’ve isolated the computer from the network, it’s still infected and your files might get further damaged if you leave it at that.
So you will need to scan your drive using another computer. Before you do that, be sure to shut down the computer and remove the drive physically.
You can use your friend’s computer, or go to a local PC repair shop with it. Just be sure that the other computer has up-to-date antivirus tools.
- Backup the Important Files from the Drive
It’s a good practice in general to backup files regularly, but it becomes even more so in this case.
If you don’t want to lose important files, like photos, media, important documents or personal files, get them from the previously infected file to a clean drive, USB, CD, or to the cloud.
- Put the Drive Back into Your Computer
Now that the once-infected drive is no longer infected and you’ve backed up the important files from it, you can put it back.
- Wipe the Drive
There might be some leftover malware still on the drive even after cleaning it, so if you are not sure, you can use a clean drive or a disk erase utility.
This is really the reason why you want to backup up the files since once you wipe the hard drive, you’ll lose them forever and you might not want that.
You can use a program like CCleaner, or you can do this physically by removing the drive and then moving a strong magnet over it.
This will deform the metal plates in the hard drive, so be warned that the drive will become unusable after this little operation. If you want to continue using the drive, use a program instead.
- Reinstall the Operating System from a Trusted Source
If you installed the OS from a CD or USB and you still have those, now is the time to do it again, provided they’re not pirated or anything.
But if you don’t you can still download and install them, but just make sure that you do so from a trusted source to avoid any potential malware hiding in the installation.
Once you’ve installed the OS, make sure that it’s also updated and patched before you install any other programs like antivirus or other security software.
- Install Security Software
We already said that one of the ways how to tell if your computer has been hacked is if your security software gets removed.
Once you’ve reinstalled the OS, the first thing you should install next is a trusted security software, like an antivirus program or antispyware.
Again, be sure to install only verified and trusted software, like Norton, Kaspersky, AVG and similar.
- Scan the Computer Again
By now your computer should be clean from infection and any presence of hacking has been removed, but it’s a good practice to scan it once more just to be 100% sure that you haven’t missed anything.
Congratulations! Your computer is no longer hacked.
If you recognize that you’ve been hacked, make sure to:
1. Isolate your computer from the network by turning the WiFi on
2. Power down the computer and remove the hard drive and plug it into another computer for scanning
3. Clean the drive of viruses with an AV tool
4. Backup important files and media from the previously infected drive
5. Put the drive back in
6. Wipe the drive clean using a program like CCleaner
7. Reinstall the OS and security software from a trusted source
8. Scan the computer again to ensure the infection is gone
There are a few signs that your computer or phone has been hacked:
1. Your computer is doing things like moving the cursor or installing/uninstalling programs on its own
2. There’s money missing from your credit card or you’re seeing purchases and orders you didn’t make
3. New programs appear on your computer and are requesting access to the Internet or the firewall
4. Your Internet connection has slowed down dramatically
5. Your passwords have been changed and you are locked out of your accounts
6. The web browser home page has changed or there are new toolbars installed
7. Your email is sending spam
8. You receive a ransomware message
Nobody wants to get hacked, but no matter how careful you are, it can still happen. Hopefully, however, you are now equipped with the knowledge of how to tell if your computer has been hacked and what to do if you have been hacked.