In today’s threatscape, antimalware software provides little peace of mind. In fact, antimalware scanners are horrifically inaccurate, especially with exploits less than 24 hours old. Malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable. All you have to do is drop off any suspected malware file at Google’s VirusTotal, which has over 60 different antimalware scanners, to see that detection rates aren’t all as advertised.

To combat this, many antimalware programs monitor program behaviors, often called heuristics, to catch previously unrecognized malware. Other programs use virtualized environments, system monitoring, network traffic detection, or all of the above to be more accurate. Still, they fail us on a regular basis. If they fail, you need to know how to spot malware that got through.

How to know if you’ve been hacked

Here are 15 sure signs you’ve been hacked and what to do in the event of compromise.

  1. You get a ransomware message
  2. You get a fake antivirus message
  3. You have unwanted browser toolbars
  4. Your internet searches are redirected
  5. You see frequent, random popups
  6. Your friends receive social media invitations from you that you didn’t send
  7. Your online password isn’t working
  8. You observe unexpected software installs
  9. Your mouse moves between programs and makes selections
  10. Antimalware, Task Manager or Registry Editor is disabled
  11. Your online account is missing money
  12. You’ve been notified by someone you’ve been hacked
  13. Confidential data has been leaked
  14. Your credentials are in a password dump
  15. You observe strange network traffic patterns

Note that in all cases, the number 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, it might simply mean clicking on a Restore button. Either way, a compromised computer can never be fully trusted again. Follow the recommended recovery steps listed in each category below if you don’t want to do a full restore. Again, a full restore is always a better option, risk-wise.

1. You get a ransomware message

One of the worst messages anyone can see on their computer is a sudden screen take-over telling them all their data is encrypted and asking for a payment to unlock it. Ransomware is huge! After a slight decrease in activity in 2017, ransom-asking programs have come roaring back. Billions of dollars in productivity is being lost and billions in ransom are being paid. Small businesses, large businesses, hospitals, police stations and entire cities are being brought to a halt by ransomware. About 50% of the victims pay the ransom, ensuring that it isn’t going away anytime soon.

Copyright © 2020 IDG Communications, Inc.