Hackers are getting more creative in their quest to exploit innocent people. From taking over social media accounts to threatening to publish embarrassing videos, these criminals are relentless. The good news is that these issues are easy to avoid. The bad news is that if you’ve fallen prey, it can be difficult to fix. But in most cases, it is possible to recover.
Before we get into some common scams, let’s review a few dos and don’ts:
Do:
|
Don’t:
|
Scam 1: Sextortion
In recent years, a disturbing scam has been circulating via email, preying on people’s fears and vulnerabilities. The scam involves hackers claiming to have compromising video footage of you watching adult content. They threaten to release this video unless you pay a ransom in cryptocurrency (usually Bitcoin). The email will often have a password that you use (or used in the past) somewhere in the message (typically the subject).
What’s happened here is that your password was leaked. A common cause is that a site you used the credentials on was breached, and the list was put up for grabs on the dark web. It’s easier for the hacker to create an email template and send a threatening note to everyone on the list than to try to every set of credentials.
The important thing to note is that in most of these cases, there is no such video and the hacker does not have access to your system. However, we recommend running a virus & malware scan to confirm there’s no malicious code on your device.
Scam 2: Sextortion Part Deux
A variant of the email scam is a hacker reaches out via a social media direct message and shares embarrassing pictures of you. If you don’t send them some funds in cryptocurrency, they’ll send the photos to your social media contacts.
The photos typically come from your social media accounts. Often, the hacker uses an AI tool to alter them or create what’s known as a deepfake. A deepfake is a photo that looks real but isn’t. Deepfakes have been around for decades but now, due to new AI tools, almost anyone can create them.
If the photos or videos are real, then the service that backs up the photos on your phone may have been compromised. This is rare, and these hacks tend to target celebrities. However, it’s possible the hacker could have found your iCloud or Google credentials and gained access to the images.
Along those lines, someone that you sent the compromising photo to could have shared it or had their credentials hacked. If that’s the case, then things can become very messy. We strongly discourage sharing anything you don’t want the world to see on social media, email, and even platforms that allow content to expire (such as Snapchat).
Regardless, it makes sense to run a malware scan on your device. Then change the password on any social media and photo backup accounts involved.
Scam 3: Social Hacking
A friend reaches out via direct message because they need money. Or, there’s this super cool new social media site that they want you to check out. They ask for your cell phone number (their phone was recently replaced so they no longer have it). Then you get a code to share with them. Moments later, you’re locked out of your account and you’re receiving texts from friends asking if you’ve been hacked.
We all spend a lot of time building our social media presence. And in a matter of seconds, everything can be gone if you fall victim to this scam. With so many people falling victim to these scams, the social media services have started putting a process in place to help. For example, if this happens on Instagram, you can go to https://www.instagram.com/hacked/
There’s no guarantee that you’ll be able to get your account back. And it doesn’t help that social media services aren’t always easy to get in touch with. So, your worst-case scenario is that you start over. Unfortunately, this is one of those scams where multi-factor authentication won’t help you – this scam exploits it.
What to do when you fall victim:
First, keep calm and take inventory of the situation. Is there an actual issue? Did you share the code or click on a link? If not, don’t panic. Just delete the DM or email and if possible, block and report the sender. Then run a quick malware scan on all affected devices and change passwords if appropriate.
If you’ve clicked on a link or shared your code, run a malware scan on the affected device immediately. Then, if your social media account was hacked, below are the links on what to do next:
Facebook: https://www.facebook.com/help/1216349518398524
LinkedIn: https://www.linkedin.com/help/linkedin/ask/TS-RHA
Instagram: https://www.instagram.com/hacked/
Snapchat: https://help.snapchat.com/hc/en-us/articles/7012305621908-My-account-is-compromised
TikTok: https://support.tiktok.com/en/log-in-troubleshoot/log-in/my-account-has-been-hacked
X / Twitter: https://help.twitter.com/en/forms/account-access/appeals/
And remember to not beat yourself up because you became a victim. These criminals prey upon people who don’t understand technology. Just make sure you continue to educate yourself and let others know about the scam so they don’t make the same mistake.
Reporting to local authorities
In most of these cases, it’s nearly impossible to track down the cybercriminal. It doesn’t hurt to reach out to your local police department, but your mileage may vary. These issues are so common that many police departments lack the bandwidth to do a full investigation. However, they are best suited to determine whether a crime was committed and can advise on next steps.
Preventing scams:
We have a list of dos and don’ts at the top of the article so be sure to review them again. Following these guidelines will help. But always be suspicious when you receive something that doesn’t seem right. If you receive a link or DM from a friend, call them to verify. If you can, shut off the automatic loading of images in your email client. This will prevent any tracking images from alerting the hacker (and spammers as well) that you’ve opened the email.
If you need help:
With anything crime-related, you should always start with your local police. They will advise if other agencies need to be involved.
We can always help advise you on steps to take to prevent a hack and what to do after a hack. Feel free to reach out to us via our contact page and someone will get back to you.
We’ll keep this article updated so be sure to bookmark it.
