tsb-moderator

It depends on what kind of information is compromised. If you are a victim of a data breach, you should take the following steps to prevent attackers from exploiting the stolen information to make more attacks.

If Financial Information is compromised

If your financial information is compromised, attackers can no doubt exploit that to cause more financial loss. You should immediately take the following steps:

1. If credit card number is compromised, please call up the bank and cancel the card.

2. If bank account number is compromised, please call the bank and request to close the account and open a new one.

3. Monitor all your financial accounts for suspicious transactions.

4. You can also sign up for credit monitoring service and monitor your credit report. This is also a good step to prevent financial losses in case of identity theft.

If your identity information is compromised

This is even more serious, as the attackers can exploit your identity information in many ways. If sensitive information like SSN is compromised, attackers can use that to open credit in your name, illegally rent apartment, get medical treatment in your name, file fake tax returns etc. You should take the following steps to prevent it:

1. Sign up for a credit monitoring service and monitor your credit report.

2. Sign up for a good identity theft protection service. It can be costly, but it saves you from closely monitoring everything yourself.

3. Enable fraud alert for your credit card file, so that if attackers use your identity information to get a new credit card in your name, the lender will see the alert and contact you for verification.

If login credentials are compromised

If your login credentials for any account is compromised, you should take the following steps:

1. Change password for the account. Please note that the length of a password should be at least 12 and it should contain a good combination of small letters, capital letters, numbers and special characters. And, one should never reuse passwords to other accounts.

2. You should login to the account and check carefully whether there is any change in the account settings.

3. Enable 2 FA for the account if possible. This can improve the security of the account up to a great extent. If your account has 2 FA enabled, then an attacker won’t be able to get access of your account, even if the attacker has your email address and password.

4. If you have any security question associated with the account, please change that. I would also suggest, if you use the same security question to other accounts, please change there too.

5. Repeat the process for all other accounts where you think you have used the same login credentials. This is important, as attackers often use the stolen credentials to hack more accounts where the victim has reused the credentials.

6. Report the hack. You can report it to the service provider or the legal authorities if needed.

7. Contact credit agencies and monitor your credit report. Attackers often exploit the information present in a hacked account to perpetrate phishing scam or other attacks and cause financial losses. So, it is always better to be on safer side.

In fact, in all the above cases, it is always better to be stay alerted for phishing attacks. Hope this helps.

Related thread: https://www.thesecuritybuddy.com/discussion-room/topic/what-should-i-do-if-my-email-account-is-hacked/

There are several options for doing that:

1. There are many services available which can expand a shortened URL for you. Checkshorturl.com, https://www.expandurl.net, https://urlex.org/ are to name a few. You can provide the shortened URL as input and it will show the expanded URL.

2. You can use a good anti-malware program to scan a link before opening it. . Norton SafeWeb, URLVoid, ScanURL are to name a few.

3. However, it is always good to enable real-time protection in your anti-malware programs. Even if you click on a bad link accidentally, the anti-malware program should be able to warn you for that.

4. And, last but not the least, please keep your anti-malware programs updated. Also, please update your Operating System, browser and other commonly used software with recent security patches. Attackers most of the time exploit security vulnerabilities present in a commonly used software to infect a system. And, more updated a software is, lesser are its known security vulnerabilities.

You can take the following steps to mitigate the attack:

1. Reset your internet router – If you reset your router, your router most likely will get a new IP address and that can stop the attackers at least for some time. You can also go to your router settings page and assign a new IP address to the router.

2. Contact your ISP – If you are unable to assign a new IP address to the router and unable to prevent the attack, you can contact your Internet Service Provider for help. They may be able to assign a new IP address to your router and help you to prevent the DDoS attack. For example, your ISP can help you in identifying the source of the attack.

3. Report the attacker – If you can identify the attacker and his ISP, you can report it to his ISP. You can also report about the attack to playstation support. You would get more information about how to report or block an abusive user here https://support.us.playstation.com/articles/en_US/KC_Article/Report-Inappropriate-or-Abusive-Users/

And, prevention is always better than cure. It is always better to use VPN while gaming. This will prevent your IP address to get revealed to the attacker. You would get more information on preventing DDoS attack in this thread: https://www.thesecuritybuddy.com/discussion-room/topic/how-to-prevent-ddos-attack-on-router/

If we take the following steps, it can give us basic protection against DDoS attacks on our home router:

1. Enable firewall on router – Almost all routers provide the option of enabling firewall. The firewall may not be very advanced one, but it is good enough to give us a basic protection against DDoS attack. Please go to your router settings page and enable firewall and DDoS protection following the instruction manual of your router.

2. Use trusted anti-malware programs on all your devices – Anti-malware programs may not prevent DDoS attack directly, but indirectly it helps a lot. It can protect your devices from various malware and can prevent your computer to be part of any botnet.

3. Configure proper firewalls on all your devices – No device should be connected to the Internet without using proper firewall. Please make sure you close vulnerable ports, restrict unnecessary applications from using the Internet and restrict your devices within the home network from communicating with each other unnecessarily. This is important as it can also prevent any malware from infecting other devices on your network in case the malware manages to infect one of your devices.

4. Use a VPN – VPN can hide your IP address from attackers. Attackers can only see the IP address of your VPN server. As a result, even if they make any DDoS attack, your VPN server will protect your devices from the attack.

5. Update your software and firmware – Please update your router firmware regularly. Also, keep your Operating System, browser and commonly used software updated with recent security patches. More updated a software or firmware is, lesser are its known security vulnerabilities.

6. Use official servers for online gaming – Please use official servers like PlayStation Network or XBOX Live for online gaming. Using third party servers can reveal your IP address to the third-party server or to the public.

7. Use your common sense while using the social networking site – Please think twice before sharing anything over the social networking site. Also, please use your common sense before clicking on any link or visiting any website.

8. Change IP address for your router – If your ISP allows you, then you can go to router settings and change IP address for your router.

9. Contact your ISP – If you are experiencing DDoS attack and unable to prevent it or unable to change the IP address of the router, you can contact your Internet Service Provider for help.

If your email account is hacked, please don’t panic ! You can always take a couple of steps to mitigate the problems.

1. Run anti-malware programs – This should be the very first step. Scan your computer with some good anti-malware programs and make sure all malware are removed properly from the system, in case there were any. This is important because if there are malware present in the system, then even if the email password and account settings are changed, hackers may be able to gain the access to the account back.

2. Change password – The very next step should be to change the password of the email account. Please note that the length of a password should be at least 12 and it should contain a good combination of small letters, capital letters, numbers and special characters. And, one should never reuse passwords to other accounts.

If an attacker manages to get password of an account, probably the very next thing he would do is to try the same password to other accounts of the user. If you feel remembering strong and different passwords to multiple accounts is difficult, please use a good password manager. You can find more information on some good password managers available on the market here : https://www.thesecuritybuddy.com/best-password-manager/

3. Check your account settings – Now, you should login to the account and check carefully whether there is any change in the account settings. Many a times attackers change account settings of a hacked account, for example to forward sensitive emails to the attacker.

4. Notify all your contacts – This step is important. Many a times attackers exploit a hacked account to send emails to the contacts of the hacked account for the purpose of phishing or spreading malware. A user is much likely to open an email and click on the link or open an attachment if the email comes from a known person. Please request your contacts not to click on any link or open attachment of any suspicious looking email sent from your email address.

5. Enable 2 Factor Authentication – Nowadays most of the email service providers provide the option of enabling 2 FA. This can improve the security of an account up to a great extent. If your account has 2 FA enabled, then an attacker won’t be able to get access of your account, even if the attacker has your email address and password.

6. Change your security question if any – If you have any security question associated with the account, please change that. I would also suggest, if you use the same security question to other accounts, please change there too.

7. Repeat the process for all other accounts where you use the same email address or password – This may look redundant, but it is important. Suppose you use the same email address for a different account and the password used was not strong enough for the attackers, or suppose you used the same password to another account and the username or email address used was easy enough for attackers to guess. Nowadays we reveal much more information on social networking sites than we think we do.

8. Report the hack – It is better to report your email provider about the hacking. The email provider may even help you with the origin or the nature of the attack.

9. Contact credit agencies – Attackers often exploit the hacked information to commit even more cyber crime. They may also use this information for phishing scams and make purchases on your credit card. So, it is better to ask credit reporting agencies to monitor your accounts for some months when you were hacked.

10. Look for suspicious emails in the hacked account – If your email service provider is unable to detect spams and phishing emails in the hacked account after the attack, you can think of closing the account and make necessary changes to other accounts where you use the same email address.

Hope this helps.

Let’s first understand how VPN works. A user usually installs a VPN client in his computer and connects to the VPN server using the VPN client. This creates a tunnel through which data is transferred in an encrypted format.

So, after a VPN connection is established, when the VPN user accesses a website or transfers any data, the data is first encrypted and transferred to the VPN server through the tunnel and then the VPN server makes a connection to the actual destination.

This has the following advantages :

1. As the data is transferred from your computer in an encrypted format, no one can decrypt and read the data.

2. The destination website will see the IP of the VPN server, instead of that of the user.

Now, the question is, does VPN make you anonymous then ?

The answer is – No. VPN cannot make you anonymous for the following reasons :

1. Even though the destination website cannot see your IP address, the VPN service provider can. In fact, every VPN service provider logs at least some amount of data of the users to enable their service. For example, if the VPN service provider does not log any data of the users, it won’t be able to offer plans based on GB usage of users or limit VPN connections per user. Moreover, to make sure their service is not abused or to prevent spams or DDoS attacks, VPN service providers always need to log some amount of data of the users.

2. Even if the VPN service provider does not log any private details of the users, the less sensitive data the service provider stores can always be associated with other data to reveal enough information about the user.

In fact, no Internet service, including Tor and Bitcoin can truly make you anonymous in that regard.

So, now the question is, why should we use VPN then ?

VPN is good for a user for a number of reasons.

When any data is transferred from your computer using a VPN connection, it is done in an encrypted format. So, if you are using a public Internet, such as public Wi-Fi in a restaurant, mall or hotel and you must login to a website or transfer some data, then you must use VPN for security purpose. If you use VPN, no one evil can decrypt and read easily which website you are browsing or what data you are transferring. To get a better understanding of this point, you can refer this article – What is an Evil Twin Attack and how should we prevent it ?
In fact, VPN can secure you from many malicious attempts to steal your sensitive data transferred over the Internet.

So, VPN cannot make you truly anonymous, but from a security perspective, it is always good to use a VPN.

BitLocker is a Full Disk Encryption program included with Windows. Using BitLocker one can encrypt contents of the whole disk using a secret key. (What is Full Disk Encryption ?)

BitLocker may use three mechanisms for encryption and decryption of the disk :

(1) Transparent operation mode – It can use TPM or Trusted Platform Module hardware to provide transparent encryption and decryption. In this method, the secret key used in encryption is encrypted by the TPM chip. A user powers on the Windows machine as usual. But, during the boot, if boot files appear to be unmodified then the TPM chip releases the secret key to the OS loader code.

(2) User authentication mode – In this mode, the user needs to provide some authentication to the pre-boot environment. He may need to provide a PIN or password for that purpose.

(3) USB key mode – In this mode, the user needs to insert a USB drive that contains the startup key that is required to boot the OS. Please note that in this mode BIOS needs to be able to read a USB drive in the pre-OS environment.

Encrypting File System may be used along with BitLocker to protect the operating system once it is running. You can find more information on Encrypting File System here: What is Encrypting File System and how does it work ?

You may find the following links useful for further information :

1. Windows BitLocker Drive Encryption Step-by-Step Guide
2. What is a TPM, and Why Does Windows Need One For Disk Encryption?
3. How to turn the TPM on or off
4. How to Use the TPM: A Guide to Hardware-Based Endpoint Security

• This reply was modified 8 years ago by tupu.
• This reply was modified 8 years ago by tupu.
• This reply was modified 8 years ago by tupu.
• This reply was modified 5 years, 7 months ago by tsb-moderator.