Computer Security & Viruses/hacking and next steps

Advertisement


Question
Hi James,

I'd like to relate what issues I'm experiencing and then I'd like to ask for help in terms of troubleshooting or next steps, since it seems like there could be a lot of possibilities in terms of what has led to the hacking experience. I'd like to know your "best guess" assumptions based on what happened. A helpful response will receive a paypal donation.

What happened:

(1)On 7/25/2016, I saw that everyone one in my Facebook account received a notification about some Ray Ban special. I removed all of these notifications in my feed and changed my Facebook password.After changing my password, there hasn't been any suspicious Facebook activity.

(2) My main bank account had the same Facebook password even though the username was a slight variation of the Facebook username, so I changed this password immediately.

(3) Three days later, I received an alert from my bank that someone tried to access the account (though failed), but I needed to reset my password again.

Assumptions:

(1) For the facebook hack, my immediate assumption was that this might be related to the recent news of the myspace hack since the email and password for my myspace and facebook account were either the same or very closely related.

(2)I'm just going to have to assume that facebook hack and the bank account login attempt are related and not just coincidentally related by being so close together in time.

Next Steps:

I feel a little overwhelmed in terms of troubleshooting and pinpointing what to do next since there seems to be so many possibilities in terms of how these accounts are being hacked. From my knowledge, it could be:

(1)Malware, spyware, or keylogging on my Windows desktop
(2)Someone has access to my main email account (since there were notifications from my bank that my password had changed, so they know my bank now, although there are no suspicious emails in my outbox).
(3)It could be related to the Myspace hack and someone is trying different accounts randomly using my old Myspace password
(4)A home network vulnerability
(5)Some form of spyware on my iOS devices (since there are both facebook and my bank app on these devices).

What I've done so far:

(1) Removed any program from my desktop that was installed in the last two months.
(2) Looked for any suspicious processes running on Windows (there didn't seem to be any)
(3) Running Kaspersky Anti-Virus Full Scan on my Windows Desktop (it's taking forever so I don't know results yet).

Any help in terms of best assumptions and next steps would be appreciated.

Answer
Additional note: Remember to review and revise your security and privacy settings for not only your social sites and all other online accounts.

Removing any program installed in the last two months is probably "overkill." It would be better to search for information on program for privacy and security issues prior to removing. But, what's done is done.

It's good you looked for suspicious processes and not finding any is also a good thing.

Running Kaspersky is great - did you find anything?

Regarding 1 through 5 ("it could be")

1. Yes, it could be that, but if you didn't find anything so far, try looking using other tools.
Malwarebytes, Malwarebytes Anti-Exploit, Junkware Removal tool, Anti-Rootkit beta, Chameleon and check out the others. The free versions are safe to use, but If you decide you wish to purchase a full version, check with Kaspersky to see if use of any are incompatible or will create instabilities with Kaspersky.

malwarebytes.com/products
alternativeto.net/software/malwarebytes-anti-malware

2, 3 are possible, but there's no verifiable method of knowing without additional evidence. There are many situations where all you can do is make your system more secure and create stronger passwords.

Regarding your assumptions, they're certainly worthy ones, but again, the best you can do at this point is make sure your passwords are strong and are completely different for each account. Remember, accounts have been hacked via company and government weaknesses and sometimes have nothing to do with your system or network.

To help you with the passwords, consider a Password manager (some on enrgy21.com/about)
and also here: alternativeto.net/software/lastpass

Keep your PC clean (temp files and history too) - alternativeto.net/software/puran-utilities

I would also consider a 3rd party Firewall (excellent free and free trial versions are available). Most, if not all, should be compatible with Kaspersky.
alternativeto.net/software/zone-alarm
techsupportalert.com/best-free-firewall-protection.htm

Regarding possible home network vulnerability, no way to be sure without more info, but vendors are doing a much better job at eliminating or mitigating new and old vulnerabilities. Just be sure to consider changing and making you home network password(s) stronger as well.

Lastly, about "Some form of spyware on my iOS devices...", many of the anti-virus/malware/spyware/rootkit... software revealed in the links above have iOS and Android versions. You should unquestionably use one or more of them to check your devices.

adventcomputers.co.uk/everyday-computing/10-ways-make-your-pc-more-secure
securityinabox.org/en/guide/malware

Bottom line: you've done a great job so far, but don't make things overly complex. Don't overload your system with security tools, but it's good to have an additional layer or two. One security application can't detect and remove all threats.

Keep monitoring all your accounts and profiles for any changes, alerts or deviation from the norm, and make sure you keep your applications and systems as secure as possible with the latest updates.
alternativeto.net/software/patch-my-pc

Computer Security & Viruses

All Answers


Answers by Expert:


Ask Experts

Volunteer


James Filmer

Expertise

Viruses, Spam, hacking, Rootkits, Trojans, Keyloggers, all other forms of Malware, Internet access problems, slow systems, application and system instability, network abuse, Firewalls, layered security configurations, system maintenance support and general troubleshooting.

Experience

System, network and website administrator

Publications
http://forums.mozillazine.org http://episteme.arstechnica.com http://news.cnet.com/security-bites-podcast http://enrgy21.com

Education/Credentials
http://linkedin.com/in/enrgy21

©2016 About.com. All rights reserved.