Impersonation is a top trend in computer hacking. Cybercriminals hijack your email or Facebook account and wreak digital havoc in your name, sending messages to everyone in your address book about how you “lost 20 pounds with HCG Ultra Drops” or “started making $2000 a week working from home.” These messages always contain a link or an email attachment containing viruses, spyware and other malicious software (aka malware). Your friend will think you sent it, so chances are, they’ll open the link without thinking. Then, bam! They get hacked and the cycle continues.
The latest digital identity takeover exploited Twitter. Hackers compromised user accounts and sent Direct Messages to the user’s followers. These messages preyed on the recipient’s curiosity: Did you know you’re in this video? Someone is writing shocking things that are about you. Recipients were directed to a fake Facebook video page or a website that spoofs Twitter, then prompted to download the malware (disguised as a video player update) or enter their Twitter login information to proceed.
Recently, a number of Twitter accounts were taken over by hackers. The compromised accounts sent Direct Messages like this one, which sent recipients to a website that installed malware on their computers.
If this happened to you, change your account password immediately and run your computer’s antivirus software. Let your Twitter followers, your Facebook friends and your email contacts know that you’ve been hacked. Tell them they shouldn’t open any unexpected links or attachments from you.
But what if you don’t know you’ve been hacked? Don’t wait for your Mom to call and congratulate you about slimming down with HCG Ultra or landing that new Work From Home job. If you use Facebook, Twitter or Gmail, follow our guidelines below.
Signs That You’ve Been Hacked on Twitter
1. Weird Tweets in your feed. This is the most obvious sign that your Twitter account has been compromised. Look through your recent Tweets and if there are any Tweets you don’t remember sending, you may have been hacked.
2. Direct Messages you didn’t send. Check your Direct Messages to see what you’ve sent recently. Again, if there are any messages that look unfamiliar — especially if they’re directing the recipient to a strange website URL — this is a sign that you’ve been hacked.
3. Unknown Apps. In your profile settings on Twitter, check the sections for Apps on the left-hand menu screen. Apps can affect your account and occasionally access your personal information, so they need your permission to be installed. If you’ve been hacked, you may see unknown Apps you never gave permission to. Click the Revoke Access button.
4. You’re following a lot of new people. Are you suddenly following lots of new people you don’t know? Twitter malware may hijack your account and make you follow spambots.
If you’ve discovered any of these symptoms, change your Twitter password immediately. You should also change the password for any third-party account that’s linked to your Twitter feed, such as Facebook. Then, contact Twitter support using this page: https://support.twitter.com/forms/hacked
Signs That You’ve Been Hacked on Facebook
1. Bizarre newsfeed and Timeline activity. If you login to Facebook and find unusual newsfeed activity or Timeline posts, such as spam ads or notifications from Apps you don’t remember approving, your account may be compromised.
2. App purchases you didn’t make. If you’ve ever used Facebook Credits and your credit card information is on file, Facebook hackers may be able to exploit this and make purchases without your permission. Review your Facebook purchase history and your credit card bills for any unusual activity.
3. Logins that aren’t you. In your Account Settings, click Security. You’ll see a menu that looks like this:
Check your Facebook Security Settings and look for suspicious Active Sessions. In this example, all the Active Sessions are normal logins that the user recognizes.
Examine your Recognized Devices for computers and phones that aren’t yours. You can also see Active Sessions — what system is using your Facebook account, when the system accessed it and where they accessed it from.
In the screenshot above, you can see that I’m accessing Facebook from a computer using Firefox in Windows 7, located in the US. The previous session was an iPhone, also located in the US, that logged in at approximately 11pm yesterday. I know I’m using Facebook right now, and I remember using Facebook Mobile last night on my iPhone, so none of this information is alarming.
If I saw a Current Session from Internet Explorer on Windows Vista in, say, France, I’d know for sure that I’d been hacked.
If you think your Facebook account has been hacked, change your password and contact Facebook support at the following link: https://www.facebook.com/hacked
Signs That Your Gmail Has Been Hacked
1. You can’t login, even with your password. This is the most obvious sign that your Gmail account has been compromised. If you know your password is correct, and you re-type it just to be sure, but can’t login, it’s a very bad sign.
2. Your Sent Mail folder is full of emails you never wrote. If a cybercriminal has hijacked your account and used it to send spam or malware, you may see these emails in your Sent Mail folder.
3. Your Usage is way off. In your Gmail Inbox, scroll down to the very bottom. In the far left corner, you’ll see what percentage of storage capacity you’ve used. Emails are very small files, so average users won’t come close to filling the gigabytes of storage that Gmail offers. For example, I have a Gmail account I’ve used for over two years to receive high volume mailing-list emails and newsletters, but I’ve only reached 11% capacity. If I login tomorrow and see that my usage has jumped to 20% but I haven’t received any huge file attachments or an unusual amount of email, it would be very suspicious. Check your Usage regularly so you can spot any sudden, abnormal increases.
4. Your account activity is unusual. On the bottom-right of your Gmail screen, across from the storage capacity information, you’ll see a link for Last Account Activity Details. This link will open a window that looks something like this:
Check your Gmail Account Activity. Are there any unique IP addresses that stick out, or locations you don’t recognize?
As with Facebook Activity Sessions, examine this table for any activity you don’t recognize. If it displays activity from another state or country, and you haven’t traveled recently, it’s a sign that hackers could be inside your account. The blacked-out spaces on our graphic show IP addresses — generally, you’ll see the same two or three IP addresses repeated because they represent your home, work, school or other locations where you regularly check your Gmail.
If there’s an IP address that stands out, copy and paste it into the tools at www.IPLocation.net. You’ll get an approximate location for this address. Again, if it’s from a place where you’ve never been, this might mean your account is under someone else’s control.
So what do you do? As with Twitter and Facebook, the first thing you should do if you think your Gmail account has been hacked is change your password. (And if you can’t login at all because the hacker has changed it for you, head to https://www.google.com/accounts/recovery/.) Then, visit Google’s Online Support Center at support.google.com. Click Gmail, then click Report a Security Problem and select the option that best describes your problem.
Change Your Password and Boost Your Defenses
Even if you haven’t been hacked, remember that cybercriminals are constantly evolving and finding new ways to exploit you. Just like offline security, don’t think you’re immune from hacking just because it hasn’t happened yet. Change your password regularly, make sure you’re using a secure browser and always use updated antivirus software.
For some great tips on formulating a secure account password, click here to watch our video.
If you’ve been hacked and you’d like to report it, click here to submit a complaint to Scambook.
See Also
Twitter Privacy Breach: Hacker from Mauritania Leaks Over 15,000 User Accounts
Google Wages War on Gmail Spam Hackers
The 9 Bad Email Habits That Expose You to Scams and Identity Theft
[…] of Scambook users reported these weight loss products hacking their Facebook and email accounts with a link to pages promoting HCG Ultra Drops and Raspberry […]
[…] advertising. More than 400 complaints on Scambook noted the weight loss products have been hacking users’ Facebook and email accounts with a link to these pages promoting HCG Ultra Drops and […]
Does facebook tell a person when their account has been hacked?