You are here

Title

Too quick to click

February 9, 2017
Spotlight on Safe Computing

When you think about hacking, do you imagine a dark figure in a basement furiously typing, with data running screen over screen, Matrix-style? Maybe it's Anonymous, releasing your personal messages to the world. Maybe the hacker is Willow from Buffy, a young Matthew Broderick, or Mr. Robot tap-tap-tapping their way into your machine.

Well, that's not always the case. Hacking is not always high international stakes, conducted in the dark of night, or targeting large corporations or governments. Hacking can happen to anybody, and it can happen in the subtlest of ways. One of the most effective and common ways to fall victim to a hack is via email. Sometimes scam emails land in your spam folder and sometimes they make their way to your inbox. If you respond to a digital scam, you run the risk of being hacked and having your personal information and data stolen or exposed. There are many scam emails going around - even recent attempts that purport to be from University of Minnesota President Eric Kaler - but you can do your best to spot a scam. Still, some are sophisticated and anybody can be too quick to click.

Oh no, you've accidently clicked! You thought that email from your professor looked a little suspicious but you didn’t want to miss an assignment. Or, when prompted, you clicked on an unknown link and entered your personal information into a site that you didn't 100% trust. You may have clicked on a malicious attachment or visited an infected website or a site with infected ads. Did you download an infected or bad app, or music from a questionable source? Maybe you followed a mysterious link from an email from a family member.

But, how do you know you've been hacked?

What can you watch out for if you are worried about your device?

  • Your standard programs and files won't open or work.
  • Files that you didn't delete appear to have disappeared, have been placed in the trash or have been deleted.
  • You cannot access programs using your usual password. You find that your passwords have been changed within your computer.
  • There is one or more programs on your computer that you didn't put there.
  • When you're not using the computer, it is connecting itself to the internet frequently.
  • File contents have been changed and you didn't do the changes.
  • Your printer may behave strangely. It may not print no matter what you do or it will print different pages that you did not command it to.
  • Attachments have unusual or missing file extensions. Common file extensions include .doc, .exe, .pdf and .jpeg.
  • File names become garbled nonsense.
  • Unexpected error messages appear, e.g. asking which program to use to open a file.
  • The anti-virus software on your device is disabled.
  • Your contacts begin to receive emails that you did not send.
  • One or more sites refuse you access because of password failure.

What do you do now?

React. Change your passwords right away. Quickly change passwords associated with your device, applications, and on any website where credentials may be stored or remembered by your browser. Make sure to switch up your passwords to be new, and don't save them on the computer or device that may have been compromised. Use a different device or computer than the one you think has been jeopardized, and change your password immediately. At the University, you can do so under My Account. Assess the type of data you have access to or are storing. Make a list of stored private data that could now be at risk. Where are there other copies? What needs to be reported? Lastly, disconnect from the wired or wireless network but leave the machine running.

Report. Report any suspected security incidents to abuse@umn.edu and suspicious email or messages to phishing@umn.edu and stay up to date by visiting the phishing blog. Did your University-owned device get compromised or do you have University or legally-protected data on your machine? Send a report right away to abuse@umn.edu. They will work with you to gather additional information and guide you through the next steps you must follow to help protect you and the University. You can also report emails as spam to Google or delete email with unexpected attachments.

Recover. Don't use the device, but don't shut it down either. If you can, keep it powered on until you can get help. If possible, bring your computer into one of the University Technology Help walk-in locations for assistance. In general, work with University Information Security and University Technology Help for recovery steps.

You may be thinking that you don't have any data or information that a hacker would want. That's just not true. Your accounts are worth a lot more than you think - they are the gateway to your online merchant accounts (like Target and Amazon), financial accounts (such as PayPal, taxes, and your personal bank), social media accounts (Facebook, Instagram, Tumblr, and more), all of your personal and professional contacts, and more.

If your device is compromised beyond just one or some of your personal accounts, all of the data on your computer is vulnerable as well. That means photos, documents, and anything you have stored on your hard drive. If you store or have access to University or legally-protected data such as health or student information, and you are hacked (or your device is stolen, lost, or misplaced), report the security incident immediately to abuse@umn.edu.

How to protect your information and your devices

  • Store your data to server or the cloud instead of locally when possible. Use University-approved hosting or cloud services such as Google Drive or Box.
  • Be very careful when opening emails or attachments - when in doubt, reach out to phishing@umn.edu if you think an email is suspicious.
  • Set up multiple security layers with two factor authentication - like Duo at the University of Minnesota - on every account you can.
  • Secure your devices with passcodes, passwords, or thumbprint or face recognition locks... Your information is only as secure as the device it is on.
  • Update your software as soon as the new version is available. Although it is sometimes a pain, if you don't update it will make you and your device more vulnerable to hackers who monitor which security holes were patched in the last update.
  • Encrypt your hard drive. If it is a a U-owned device, contact your local IT support team for help with encryption.
  • Set strong passwords on all of your accounts and devices.
  • Use secure wifi whenever possible, and especially if you are accessing sensitive or personal information.

As exciting as it may look in the movies or on television, and no matter how much you hear about hacking in the news, it is a criminal offense to hack into personal accounts and devices. And it happens all the time. December through April is an especially vulnerable time in the digital sphere due to tax scams. But by being vigilant online and taking precautionary steps to secure your information, you can stop hackers in their tracks.

More resources

Phishing.it.umn.edu

Stay up to date on the most common and recent phishing scams to target the University of Minnesota by perusing the phishing blog.

Safe Computing at the University of Minnesota

Explore the many ways to stay secure while online at the U of M.

Who used your account?

Learn how to check your Google account for recent access at z.umn.edu/whoused.

Sans OUCH! Newsletter

Download the newsletter: Hacked, Now What?

Educause: Stay ahead of the hackers

Check the Have I been pwned website to see if your accounts were hacked in a known attack.