Have you ever received e-mails that appear to be from friends but aren’t? Or have friends told you that they’ve received e-mails from you that you didn’t send? These are signs of a “computer hijacking.”
Here’s how to limit the damage if you suspect that your computer has been hijacked and what you need to do to prevent it from happening again…
Update and run your antivirus program and a malware-removal program. (Malware is software that hijacks, disables and/or steals computer data.)
More on Computer Protection
If you don’t have an antivirus program—for PCs, get Norton Antivirus ($39.99, http://us.Norton.com)…McAfee AntiVirus Plus ($24.99, http://home.McAfee.com)…or Microsoft Security Essentials (free, http://Windows.Microsoft.com/mse). For Macs, use Sophos Anti-Virus (free for home users, www.Sophos.com, click “Free security tools”).
To find and eliminate hijack software on PCs, use Malwarebytes Anti-Malware (free, www.MalwareBytes.org) and Spybot Search & Destroy (free, www.Safer-Networking.org). I know of no similar programs for Macs.
Next, change your e-mail account password, and check the e-mail account’s settings to make sure a hijacker does not have access to your account.
Example: In Gmail, click the gear icon in the upper right, then click “Settings,” then “Accounts and Import,” and check whether another account is listed in the “Grant access to your account” section.
If you no longer have access to the account, contact your company’s IT department (if it’s a corporate e-mail account) or follow the e-mail provider’s procedure for a password reset.
Example: With Gmail, select “Can’t access your account?” in the sign-in box, then “I’m having other problems signing in.”
If your computer has been taken over by “scareware”—a pop-up claiming the computer has been infected by a virus and offering to sell you corrective software—don’t touch any key or click any on-screen button. Disconnect the computer from the Internet quickly, perhaps by disconnecting its network cable or unplugging your wireless router.
With the computer still disconnected from the Internet, run a full system scan with your antivirus program and a separate anti-malware program. If this doesn’t fix your pop-up problem, you may have to take the computer to a professional technician. The technician might have to completely erase your hard drive and reload your operating system to remove the malware, which could cost around $200.
To protect your computer from future attempted invasions…
- Always use hard-to-guess passwords for all your accounts, and use a separate password for each account. A good idea is to combine numbers and upper- and lower-case letters. Example: Instead of just using the word “elephant,” you might try “3l3ph4NT.” It is relatively easy to remember but hard to crack. Or use a short phrase.
- Make sure your computer’s firewall is turned on. Activating your computer firewall varies depending on your computer and operating system.
- Don’t click links in an e-mail unless you’re very confident that the message really comes from the person who appears to have sent it.
- Never access your e-mail account from a public computer.
Source: Karen McDowell, PhD, information security analyst with the University of Virginia, Charlottesville. She has worked in computer security for more than 15 years and holds a GCIH certification as a certified incident handler trained to manage computer system attacks.