Conversation With a Client: Cybersecurity Hack

Cybercriminals are active at record levels right now. Below is an actual conversation we had with a client who, unfortunately, had fallen victim to cybercriminals.

Erik,

 I have been hacked. Typical stuff I suppose, where they want me to send bitcoin to them, etc. I have filed a police report. The thing that is freaking me out a bit is they say they have a password of mine, which happens to be correct (that I have since changed), but it makes me wonder what they did or do have access to.

Where do I go from here regarding trying to get malware off my phone, or at the very least checking if it's on my phone (or laptop)? Can you point me in the right direction?

Thanks and sorry to bother you.

——–

Hi (Name Removed for Confidentiality),

Sorry to hear about your experience. If it makes you feel any better, know that you have lots of company: cybercriminals are active at record levels right now. Were you able to recover your files? Did you have to pay ransom? I would keep a few things in mind:

Return attacks are common, after the criminals know they have a good target. I would be on the lookout.
It’s pretty typical for criminals to know everything that was on your computer for the last 205 days, based on latest survey data.
Assume the computer/phone(s) they attacked is(are) still under their control. They may be able to see your screen, record your keystrokes, etc. To be safe, I would format/wipe these devices, reinstall software, and reconfigure them from scratch. The nasty monitoring software is designed to run in the background, undetected.
As soon as you can use a “clean” system, reset all your passwords. It’s critical you do not use any password for more than one service or site. It’s more important to be unique than complex, although certainly both are good. Start with banking, payroll, and tax sites, as well as sites where you’ve used a duplicate password in the past.
Two-factor authentication is a good thing; that way, people who do manage to discover your password can’t log in as easily.
Generally the FBI cannot assist unless you have cash losses in excess of $125,000, because they receive such a huge volume of complaints. Certainly law enforcement wants to know about it so they can work on breaking the crime rings, but they likely can’t help your past losses.
If you need help formatting your computer/phone, most people with some computer-savvy skills can assist. Our techs can do it for $145 per hour, with payment due on delivery. Typically we don’t do hourly work, but this nonsense needs to stop and we do what we can to help.

To prevent new infections, after your passwords are reset and two-factor authentication is enabled, I would next be very paranoid about emails. Never click links in emails or open attachments unless you’re absolutely certain they’re safe.

I hope that helps a little. It’s a terrible feeling to suffer the loss and experience helplessness.
Erik

Erik

Thanks so much for taking the time to respond. Yes, it is a terrible feeling. I haven’t lost any files and I didn’t pay any ransom.

It really stresses me out to think about wiping everything and starting over and I really wouldn’t know where to start with that. I am willing to pay if you can set me up with someone.

Although both the detective and trooper implied that the email I received was pretty commonplace lately, it still makes me nervous, and peace of mind will be helpful.

If your devices were never actually infected, maybe all that happened is that a service where you used that password was breached. If it’s a matter of someone else’s server being hacked, then for you, it may simply be a matter of resetting your passwords, getting a secure way to store your passwords, and configuring two-factor authentication, without the need to wipe your devices. Does this sound more plausible?

They are correct that this is commonplace. Sadly the full-blown ransomware attacks against personal computers are common, too, and that’s what I assumed was going on here. Hopefully it’s not that bad.

Erik

Yes. That’s true, I am thinking hopefully that’s it, but is there a way your techs can tell if there is malware installed or it has been infected? If so, I would like to maybe try that. I have changed all passwords, but since I don’t know what device, if any, was compromised, it kinda scares me that there could be a program that records key strokes or sees the screen.

Yes, we can scan for that type of software and do a pretty good job of detecting it, so I think that would be a wise place to start. I’m including our dispatch desk on this email, so they can work with you to schedule a tech. We can do this remotely.

Unfortunately, please understand that we can’t guarantee it’s a perfectly clean system unless we wipe it. No one can. That said, I wouldn’t start with a wipe in this case either. It’s a pain in the neck to start from scratch.

Erik Gudmundson

Thanks Erik and thank you Support team.

At Pegasus Technologies, we help businesses that have fallen victim to cyberattacks like this every day.

Security threats are becoming more common and more dangerous. Antivirus software and firewalls are not enough to protect your business from ransomware, phishing schemes, CryptoLocker, or other dangerous hacks.

Pegasus Web Security helps protect your business from attacks before they happen. Our software adds another layer of protection to help keep malicious activity off your network and keep you safer from cybercriminals.