TL;DR version: In this post I document a recent hack of a colleague's Google Account and Gmail. I detail some of the evidence and the steps taken to secure the account.
Let’s face it, things will now get hacked online. At some point, whether through your own decisions or aggressive moves by an unseen agent…someone will root through your private content online. In future posts, I hope to share more about privacy and security in online spaces. In this post, I would like to share some evidence and insight from a recent hack that I helped a friend through.
What do you mean by “hacked”?
In a previous post, I tried to better understand the meaning of the word hack. The Urban Dictionary definition for “hack” that I used in that post is as follows.
As I tried to detail in the earlier post, hack really should mean that you are trying to skillfully repurpose, or redesign the code, program, or purpose that has been assigned by another. I see hacking occurring in a digital and real-world sense. Yes, someone can hack your Netflix account to change the language to Spanish (yes, this just happened to me 🙂 ). I also see hacking as trying to modify a problem or situation to come to a resolution. I see MacGyver as one of the great original hackers. The problem is always the one being (possibly negatively) affected by the hack. Now that we have a common understanding of what a hack is…let’s look at one in progress.
How do you get hacked?
Most times when you’ve been hacked, you won’t even know. Over the past year or two I’ve been involved in the Target, Home Depot, Bank of America, and Blue Cross & Blue Shield hacks. Those are the ones that I know of. I know about these because the companies involved thankfully were transparent and shared what was happening. Also, there is very little that I did (other than conduct business with these organizations) that led to my being involved in the hack. It was the wrong place, and the wrong credit card at the wrong time.
There are also plenty of other opportunities to open yourself up based on your habits online. By downloading files or installing programs on your computer, you can put yourself at risk. Sometimes even trusted programs from trusted sellers can put you unknowingly at risk. It can be a link on a page or email…or even a pop-up on a browser or computer screen. The best protection, in my estimation, is to have a healthy skepticism as you interact online. I also suggest having a quick response ready to deal with this event.
What does a hack look like?
Please understand that this is one example of someone hacking into your stuff. There are many ways that others can get in, and corrupt your digital property. Once again…this is one example that I’m detailing below. I’m sharing this for the purposes of detailing one way that this could look. I obfuscated the name of my colleague in the materials shown to protect their identity.
Last week while working at my computer I received an email from a colleague. I use Gmail for all of my email and it usually does a great job sifting through my emails and only displaying messages from credible, relevant sources. This email was from a colleague that I know and trust. It was not out of the ordinary for this person to send me a message.
I was immediately suspicious because the notices that Google sends to alert you to new files shared by Google Drive don’t look like this. The other thing that made me suspicious was that the image for Google Drive and the fonts used in the email did not look crisp. Most times images and graphics used by top-tier web services like Google look crisp and have a great sense of design. This looked a bit messy.
I did not click on the link in the email that says “View – Download files.” I emailed my colleague back immediately to see if the materials were valid. I was a bit concerned that I might be endangering myself by responding to the email…but I wanted to make sure my colleague was ok. Typically, I will archive or delete messages that seem a bit fishy. I don’t even respond back.
The responses I received were even more disconcerting. My colleague is well educated and well respected. People sometimes leave sloppy, short sentences in communication. Upon the first response, I tried to click on the link in the email. Actually, more to the point, I copied the URL in the link and pasted it into a Word doc to see where it was taking me. The URL did not direct me to Google Drive. I searched online to see if others had complained about the URL in question…or at least the beginning part. The results from these searches showed that it was very questionable.
Even still…and probably stupidly, I tried to follow the link. By tried, I mean that Google Chrome would not let me. I clicked on the link and Chrome immediately brought me to a warning screen letting me know that the website I was headed to possibly contained some phishing scheme. Phishing is an illegal attempt to acquire sensitive info such as your usernames and passwords using electronic communication. Thank you Chrome for stepping in the way and protecting me as I investigated.
As you can see in the emails…the hacker suggested that I test out another browser to see if that would help. 🙂 I thankfully did not take that advice. I hunted down a different email for my colleague to once again see if this was a legitimate request. It wasn’t. My colleague indicated that it was a hack and tried to get some support to figure out what to do.
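The check I did by hand above, reading where a link really points before following it, can also be done in code. The Python below is an added example, not part of the original incident; the expected-host list and the sample email (with reserved .example addresses) are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: a genuine Google Drive share notice only links to google.com hosts.
EXPECTED_HOSTS = {"google.com"}

# Constructed sample, modelled on a fake "shared file" notice.
SAMPLE_EMAIL = """
<p>A colleague has shared a document with you on Google Drive.</p>
<a href="https://drive.google.com.files-share.example/view?id=1">View - Download files</a>
<a href="https://drive.google.com@login.example/doc">Open in Drive</a>
<a href="https://support.google.com/drive">Help</a>
"""

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> tag in an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_is_expected(href, expected=EXPECTED_HOSTS):
    """True only for https links whose real host is an expected domain or subdomain."""
    parts = urlsplit(href)
    host = (parts.hostname or "").lower().rstrip(".")
    if parts.scheme != "https" or not host:
        return False
    # Exact match or a true subdomain. A name that merely starts with
    # "drive.google.com", or hides it before an "@", does not pass.
    return any(host == e or host.endswith("." + e) for e in expected)

def suspicious_links(html_body):
    """Return the (text, href) pairs whose destination is not an expected host."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    return [(text, href) for text, href in collector.links
            if not host_is_expected(href)]
```

Calling suspicious_links(SAMPLE_EMAIL) returns the first two links and leaves the real support.google.com link alone.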
What do I do when I get hacked?
Once again, please keep in mind that this is one example, of one hacked account. By no means is this plan of action extensive, or proven to remove the problem. This is one plan of action. More directly, I want to highlight the healthy skepticism used as we investigated the situation. The steps listed below are the starting point for action. I would recommend contacting the company if possible. If credit cards or finances were involved, contact your bank or credit provider. In this next section, I detail my advice for my colleague to handle the issue with the hacked email/Gmail account.
First, change all of your passwords, especially (in this case) your Google Account credentials. When you change your Google Account password, set up two-factor authentication.
Second, in a situation like this, revoke access for all applications that use Google as the sign-in. This will require you to sign in again everywhere you use Google.
Third, when you sign in again to Chrome, uninstall any extensions that you don't use or need, or that seem fishy.
See what that does to your current settings and accounts.
So is that everything I need to know?
No, there will always be a future challenge to your privacy and security online. In my humble opinion, the biggest key is to remain informed. Remain skeptical and critical of your interactions online. But, I don’t think this is a reason to be afraid, or not interact online. Be safe, be secure online…but be there.
Cover photo by Thomas Hawk http://flickr.com/photos/thomashawk/11907163503 shared under a Creative Commons (BY-NC) license