Whether you have that sinking feeling that comes after a few failed attempts at logging in to a site that you use daily, or an email from a service you use indicating that it feels your account has been compromised, there’s nothing that hits you quite like the idea that the security of your computer has been compromised. What do you do? Do you throw out your computer and buy a new one? Here are a few tips on how to handle the security of your computer being compromised.
Take Your System Offline and Assess the Problem
Consider what activities or issues opened you up to having your password(s) compromised. Could you have fallen victim to intrusive and malicious software? Have you installed anything recently that you’re not absolutely familiar with or sure about? Have you given a password that is shared across multiple channels out to any new services or sites? All of these situations, and many others like them, can lead to your online accounts being compromised.
If you’re unsure about where the attack came from or how it came about, it might be a good idea to unplug your system from the Internet and begin a process of formatting and reinstalling your software. Viruses aren’t always detectable by anti-virus. In fact, if they manage to sneak past the initial checks, many of them are designed to quickly make themselves invisible to these programs by attaching malicious code to already-existing files and operating under the radar. Keyloggers, trojan horses, and other forms of harmful software are designed to be invisible and keep the computer running as if nothing happened.
If at all possible, format the drive using a non-quick method using software such as Darik’s Boot and Nuke, which doesn’t just delete a file table and leave the data (and potentially compromised files) intact. Restoring your machine to factory settings is also best done with an external DVD rather than relying on the hidden partition to be unchanged by the malicious code. The best rule of thumb is to burn one of these restore DVDs as soon as you receive your new computer so you can use it in the future in cases like this.
Change Your Passwords
The first step you should take (should you discover that your computer has been compromised) is to change the passwords of each and every account you have online. From your bank to your favorite social network, any passwords that might have fallen into the wrong hands could be used against you in the future. It’s important to note here that you shouldn’t make these changes using the same system that was compromised until that system has been properly formatted and its software reinstalled.
Consider Storing Your Passwords Using an Encrypted Cloud-Based Service
Cloud-based password services such as LastPass and 1Pass are great tools for generating and maintaining accurate records of your various passwords across a long list of sites. Often, we rely on a list stored in a file on the drive or our memories to keep up with all of our online logins, and that can lead to trouble. If you rely on your memory, you may find yourself tempted to use a single password for all of your sites. Having an encrypted system in place that enters your passwords for you also avoids the risk of keyloggers picking up on frequently repeated sequences typed in yourself.
Some might argue that these systems are much less secure, but in cases where you don’t want your roommate stumbling across a written list or file on your drive, this can be the next best thing. Your passwords can also be significantly longer and more complex, which is much more resistent to brute-force cracking commonly attempted online.
Change Your Usage Habits
While piracy may seem like a quick and easy way to get the data you want, it can also be very risky. Downloading paid programs for free over torrents and other file sharing sites often comes with a high risk of receiving software that’s been tampered with. This software may appear to install and run absolutely perfectly, but it could also be actively seeking out and sending information about your system back to the person that sent it out.
Some sites take advantage of security flaws in browsers and other software to give the owner more insight into your system than you would like them to. Be very cautious about any site that tells you that extra software or if plugins are required to view its content. Porn, pirated television shows, and other seemingly useful content-driven sites can easily be fronts for a malicious software distribution channel that only needs you to approve a single action to compromise your entire digital life. The best rule of thumb is never to trust anything coming from a site you aren’t absolutely sure you can trust. Before you enter your information or accept a file download, triple-check the URL and make sure that the site you’re connected to is actually the one you intended to visit. You should never enter your personal information into any Web form unless the page itself is secured. You can check a page’s security by looking at the URL area of your browser. A URL beginning in https or visibly displaying a green bar indicating an SSL connection should be present on any site requesting private information.
Over all, security is still a big issue for computer users. No matter how much you hear about one operating system being more secure than the other, or a specific anti-virus program being more capable, there is nothing more capable of keeping your data private than you are. Your actions and decisions online are often the only thing standing between you and your private information.