There was a time when Whatsapp was very easy hacker target before it was upgraded to the point where you had to enter your personalized six digits Two-step verification code to access your Whatsapp account.
It also came with an end-to-end-encryption. Meaning your messages, calls and status updates stayed between you and people you choose…even Whatsapp had no access to read or listen to any of it.
The hacking jeopardized a lot for Whatsapp users and had a lot of persons on their feet to secure their Whatsapp numbers online. It was a really vulnerable phase for people who had so much personal information and business information on their Whatsapp chats.
Whether you were hacked, phished, had malware installed or you just don’t know what happened but you know there is somebody all up in your personal online space, here are a few good first steps to take following an incident. This is by no means comprehensive, but it is a good start.
Remember that most of the time 90% of our personal information are linked up with our various online accounts. By this I mean Yahoo mail, Google mail, Facebook, Twitter, Instagram and some others we use.
Ask Yourself Why it happened
While you are fixing things, it is a good time to take a step back, and ask yourself a more basic question: What was the reason for the breach? If it was your bank account, the answer may be obvious. In other cases, such as e-mail, it can be for a host of reasons — from using it to send spam, to requesting money from your contacts, to getting password resets on other services. An attacker may even be trying to gain access to your business. Knowing why you were targeted can also sometimes help you understand how you were breached. It would go a long way knowing this information.
Reset Your Passwords
Immediately ensure to change the password on the affected service and any others that use the same or similar password. You shouldn’t reuse passwords. You should be changing your passwords periodically anyway as a part of routine maintenance. But if you have just been hacked, it should be changed with a sense of urgency. This is especially true if you reuse passwords or use schemes that result in similar passwords (like 746Instagram, 204Linkedin, 419Google).
Some Sites can set up password requirements — for example, a character length or that a password must include symbols and numbers — but they cannot force people into not reusing the same or similar passwords. It is very common for people to use similar or the same password not realizing that it creates a liability for them by doing so and that they need to change their password after they have been hacked.
Of course, out of convenience, a lot of persons feel lazy to memorize different passwords for different sites, failing to realize that it would do a lot of good than harm especially after being jeopardized online.
Password memorizing is not an easy path for some, so the best bet would be to put it down in writing in a safe location. Personally, it is what I recommend because I do it to help me remember passwords.
Tell your friends and family that your Facebook account has been hacked. There is a good chance you won’t lose any money, but your friends and family on Facebook might. The mugged-in-London scam works by hijacking your identity to contact friends to request for money. The mugged in London scam entails hackers reaching out to your friends and family after hijacking your account, telling them you were robbed and attacked in London— so you would need them to send you some money as you are financially stranded. It is also true, although not very common on AIM, Google Talk and other services. There may also be data that you need to let others know has been accessed–from financial matters to other sensitive personal information.
Update and Scan
There is a high possibility that the attacker got in via your machine. Almost all malware is installed by victims themselves, if unknowingly. And if something nasty is on your computer, you need to get it off before you start a recovery process. Make sure you are running the most recent version of your operating system. Download a solid anti-virus product and run a scan for malware and viruses that may have been the source of the attack. This is the most basic thing you can do, so do it now. Moreover, it is best to use a brand-name commercial program that you pay for.
Although Malware antivirus software is not perfect — they have a hit ratio of 50 to 75 per cent and can miss almost as much as they find, but it is better than nothing. On the other hand, why should you pay for it when you can get it for free? Most people who search for ‘free antivirus’ end up installing malware and you do not want to take chances with that.
Check for Backdoors
Most times, smart hackers won’t just get into your account. They will also set up tools to make sure they can get back in once you have gotten them out. Once you have your accounts back, you should immediately make sure there isn’t a back-door somewhere designed to let an attacker back in. Check your e-mail rules and other email settings to make sure nothing is getting forwarded to another account without your knowledge. Check if your security questions have been changed or if answers to your security questions have been tampered with as well.
Take Back Your Account
Most of the major online services have tools in place to help you get your account back after it has been taken over by someone else. On Apple, Facebook, Google, Microsoft, Twitter and Yahoo, you are going to need to be able to answer some questions about your account. Facebook has a novel method that relies on friend verification. If you are using a service not listed here you can typically find your way back in by searching for its name plus its account recovery steps.
If commercial activities are involved in the affected account, you have to thoroughly review any activity on that account. Verify that no new shipping addresses have been set up on your account, no new payment methods have been added or new accounts linked with it.
This is especially true of sites that let you make one-click purchases, or issue payment cards.
What should be noted is that attackers do things for reasons. If we are talking about attacking your Bank account or PayPal the reason is obvious: They want your money. What criminals will often want to do is hook up a debit card to your account. If they add an address and then request a financial instrument, that is a way for them to monetize.
De-Authorize All Those Apps
This is the most invisible but most important step. One of the first things you should possibly do if you’ve had an account compromised is to de-authorize all the associated applications that use that account for login or its social graph. For example, Google, Twitter, Facebook, Dropbox and many others support Oauth.
OAuth enables third-party apps to use account details automatically without having to give them the account login information. If a hacker has used it to authorize from another device or for a service and remains logged in there, changing your password won’t get them out. There could be a rogue client out there that you remain unaware of even after regaining access to your account. The best bet is to put a stop to everything you’ve given access to. Here they are on Google, Facebook and Twitter. It may be a pain to go back through and re-authorize them, but it is best than leaving a malicious individual lurking in your account. And in any case, doing so periodically is just good hygiene.
A better understanding of Open-Standard Authorization(Oauth)
Oauth is about authorization and not authentication. Authorization is asking for permission to do stuff. Authentication on the other hand is about proving you are the correct person because you know hidden details.
This implies that when your login details are automatically saved on services you use online…for example…Facebook, Twitter, Instagram…each application would not ask you for a username or password… instead, it would automatically let you in at any given time.
The easiest way to understand Oauth in action is one website saying to another website…” hey, do you want to log in to our website with other websites login details of yours?”
That is why it would be a piece of cake for a hacker who had hijacked your account to get in again, undermining whether you change your password.
Safeguarding yourself online in a technologically dynamic world is key. Over the years, a lot has changed and we implore online users to evolve with these changes.
Our online footprints are almost like DNA samples left and found in a forensics crime scene. Chances of not leaving an imprint of you are slim.
In your own little ways, you need to outsmart those black-hat hackers pinging your every footprints online for the sake of your online safety and well-being.
Spot on! If I may, a password manager can also be used
Thank you so much Tosyn.