Hacked? Here’s How to Reclaim Your Digital Life

Noticing that you have been hacked can be very difficult, because hackers sometimes work in mysterious ways.

If all your precautions should fail, remember the very first rule: remain calm.

Your first reaction might be to fight, and the adrenaline will push you towards anger, but will this be helpful? These emotions will cloud your judgement and keep you from finding an appropriate solution.

Furthermore, will the people who can help you do so when you are being clouded by emotions? They will tolerate some frustration, but they won’t help you if you manipulate or confront them in an emotional outburst.

The smoothest solution to your problem is to keep cool and be clear-headed to come to a resolution. The following seven guidelines provide help in a structured way so you can restore your device(s) without too much difficulty.

1. Build your defence

The very first step in recovering is building a validated (proven) account of the hacking. There are a couple of things you can do to achieve that:

  • Make sure to disconnect your smartphone or computer in all possible ways from the internet! Airplane mode blocks out everything.
  • Note down your observations in as much detail as possible (details such as times, events, Facebook accounts, telephone numbers, chat logs, …). They will provide proof that you’re the victim of a hacking and might help law enforcement to create a report that could serve as a proper foundation for an investigation or a potential insurance claim.
  • The moment you’re hacked, call services to block the debit or credit cards you have used online. (For Belgium: Card Stop +32 70 344344)
  • Inform people that you have been hacked in a private message (SMS) or phone call. This is to notify them that you might be unavailable for a while, but also to warn them that they could be a target too. Also, if you consider announcing it publicly, realise that big brother (hackers) might be watching too.

2. Build a safe environment

The second thing to do in rebuilding is to secure your connection. Use the following steps to build a safe environment:

  • Ask your telecom provider to change all codes and passwords of your router and Wi-Fi.
  • Check or make a backup of your (online) data and your offline password list on an external disk or USB stick. Keep in mind that making a backup might be ‘unsafe’ as it might contain a virus.
  • Perform a factory reset of all your devices after you’ve secured your local area network (LAN). Beware of the fact that all data from your device will be removed and might get lost if you didn’t make a backup.
  • Follow the following steps to create safe credentials for your device(s):
    • Create a completely new account (Google, Microsoft, Apple, …) with a complex password that you’ve never used before.
    • Set up multifactor authentication linked to your phone number (SMS or One Time Password).
    • Never use this new account as your primary mail address or share it with someone you don’t explicitly trust.
    • Always keep these credentials only offline.
    • Install certified antivirus software that’s different from your previous one. Make sure that it contains a firewall and a VPN solution (as mentioned in the previous blog article).
    • Validate your work (run a full virus scan, check the firewall and make sure that the VPN is always connected).
    • In every step you will take, scan your computer for potential infections.
    • Make sure that all firmware of your device is up to date and software updates and security patches are installed.
    • Remark: if you’re working with an older operating system that is no longer supported (like MS Windows 7/8), only use the device offline. This will always be a security risk.

3. Restoring your old accounts

After completing step 2, you can start with recovering your old online accounts:

  • Always be aware that they might be a backdoor for hackers.
  • Use your offline password list as your checklist.
  • Consider what their purpose is/was based on the offline list (spreadsheet or otherwise). That will determine the priorities within the recovery process.
  • Open the old accounts in incognito or private windows and close them after you’ve made the appropriate changes. That will remove all traces on your computer of the process. (Update your list with the new passwords as you go on)
  • If you can access them, reset the password using a complex password generator. (Also take the password guideline from the previous blogpost into account)
  • Always validate every step in the process. Prioritise thoroughness, however time-consuming that might be.
  • Remark: Remove the accounts that haven’t been used for a long time. They could be used by hackers to create false profiles. If you’re unable to, remove all personal data which might be stored in the account details.

4. Install all the applications that you require for your work or administration. (Clean install)

  1. Make sure that the online account has been secured (new passwords, multifactor authentication)
  2. Download and install the applications
  3. Perform all the updates (especially security updates)
  4. Perform a full virus scan afterwards.

5. Connecting your cloud drive

  1. This is a critical step in the recovery process as the data might contain viruses or malware. Normally, if all the previous steps have been followed carefully, the protection software should be able to detect them.
  2. Allow a complete synchronisation so the virus scanner can do its job.
  3. Afterwards, validate your data and check if you’re missing something. You normally have your backup to validate and restore potentially lost files.

6. Restoring your data

  1. When you connect your backup drive for the first time, perform a full scan and allow it to finish before you access its files.
  2. After this step, you will be able to finish your data restoration and validation.

7. Reconnecting your mail accounts

  1. The first step is to verify whether the credentials have been adjusted, by opening the web interface of your mailbox in a private or incognito window. This action will also test the multifactor authentication procedure.
  2. Check if there are messages that might indicate use/abuse.
  3. Check whether the sorting rules contain a rule that either forwards or deletes messages with a certain header. Delete these after adding them to your defence list (screenshots).
  4. If these steps check out, normally you can complete the configuration of your local mail client.
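
The sorting-rule check from step 7.3, as an added example (not code from this blog or its author): it assumes your mail provider lets you export your filters as a Sieve script (RFC 5228) and that rule names appear in `# rule:[...]` comments, which is an assumed convention. The sample script and the address in it are constructed for illustration.

```python
import re

# Constructed sample of a Sieve (RFC 5228) filter script; addresses are placeholders.
SAMPLE_SIEVE = """\
require ["fileinto", "copy"];
# rule:[Newsletters]
if header :contains "List-Id" "news.example.org" {
    fileinto "Newsletters";
}
# rule:[sync]
if header :contains "Subject" ["password", "invoice"] {
    redirect :copy "collector@mail.example.net";
    discard;
}
# rule:[Old spam]
if header :is "X-Spam-Flag" "YES" {
    discard;
}
"""

# Sieve actions that match the two behaviours the checklist warns about.
RISKY = {"redirect": "forwards", "discard": "deletes"}

def audit_sieve(script):
    """Return one dict per forwarding/deleting action, with its rule and condition.

    Line-oriented on purpose: it expects one statement per line and does not
    track nested blocks, which is enough for a first manual review.
    """
    findings = []
    rule, condition = "(unnamed)", "(always)"
    for raw in script.splitlines():
        line = raw.strip()
        if line.startswith("}"):  # block closed: later actions are unconditional
            condition, line = "(always)", line.lstrip("} ")
        named = re.match(r"#\s*rule:\[(.*)\]", line)  # assumed naming convention
        action = re.match(r"(redirect|discard)\b(.*?);", line)
        if named:
            rule = named.group(1)
        elif re.match(r"(if|elsif)\b", line):
            condition = re.sub(r"^(if|elsif)\s+|\s*\{\s*$", "", line)
        elif action:
            target = re.search(r'"([^"]+)"', action.group(2))
            findings.append({"rule": rule, "effect": RISKY[action.group(1)],
                             "target": target.group(1) if target else None,
                             "condition": condition})
    return findings

if __name__ == "__main__":
    for f in audit_sieve(SAMPLE_SIEVE):
        print(f"[{f['rule']}] {f['effect']} {f['target'] or ''} when {f['condition']}")
```

Every finding is a candidate for your defence list: take the screenshot first, then decide whether the rule is one you created yourself (such as a spam filter) before deleting it.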

This completes the general checklist. By following it, you will have gone through the most important stages in a safe manner. It should cover most of the important steps to reconnecting online, although your configuration may include details that I am not aware of. Please be advised that I cannot be held liable for the completed work. When in doubt, always contact a professional.

In my technostress coaching trajectories, online support and/or onsite support (Belgium only) is offered to resolve potential issues. Just reach out if you need a hand.

This blog post is part three of the Cybercrime series; read the previous pieces to learn more.

Blogposts are the foundation of my coaching approach. I frequently write new ones on a variety of topics such as empath coaching, mourning counselling, and technostress. Most of them include techniques for dealing with difficult situations. If you want to know when a new one is added, follow me on social media.