What to Do If Hackers Try to Phish You

We recently published an article on how to respond if your computer has been exposed to malware. Every professional needs their own version of this process. We are all at risk of being targeted by hackers or automated hacking programs, and that is not limited to malware infection. Phishing is just as common, and it is often used to trick professionals into opening or downloading malware files.

It is important to recognize phishing attempts when they occur and protect yourself from them. Your first priority is not to get phished: identify the attempt and avoid taking the bait. Don’t engage, click, share, or transfer. From there, you will also want a plan to report the attempt and potentially shut down that entire avenue of attack. By reporting a phishing attempt and providing relevant data, you could prevent anywhere from dozens to millions of attacks.

This means that whether you stop in time or accidentally click, the right professional response can help catch at least one hacker or stop an entire family of malware.

Here’s what to do if you detect a phishing attempt:

Stop Communication

When you suspect that an account is trying to phish or has just phished you, stop communicating with them. Don’t send another message and don’t engage with any further messages. Don’t give them anything else to work with or allow them to try additional tactics. If you feel it is practical, immediately block them from your contacts list.

Don’t Click or Open Anything

Do not interact with anything that was sent. Isolate or delete any files, links, images, or formatted text. Do not allow programs to open automatically. If anything is still downloading, cancel and purge the transfer.

Damage Control if Necessary

If you have already downloaded something that might be malware, apply damage control. Do not log into anything sensitive, and log out of everything. Cut off all networking functions, manually if possible. Use another device to mark the infected device as no longer trusted on your security list. In other words, move that device from the white-list to the black-list.

Take Screenshots

Create a file of evidence for the suspected phishing strategy. Take a screenshot of all communications. Save plain-text messages and emails. Screenshot any relevant file names or thumbnails without interacting with the files.

If your computer has been infected and also safely isolated, take this opportunity to collect some data. You can choose to keep it off and preserved for IT or collect screenshots of some error or hacked pages.

Be careful. Do not connect to the internet. Do not engage with malware if there is sensitive data stored locally on your computer.
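As an added example (not code from the original article), the following Python script builds the kind of evidence record described above from a raw saved message without opening any attachment: it flags a Reply-To that differs from the visible sender, pulls URLs out of the plain-text body, and records each attachment's name, size and SHA-256 hash. The message it parses is a constructed sample, not a real phish.

```python
import email
import hashlib
import re
from email import policy

# Constructed sample .eml (not a real message): a lure with a mismatched Reply-To
# and a double-extension attachment, kept as raw bytes rather than opened.
SAMPLE_EML = b"""From: "Payroll Team" <payroll@example-corp.test>
Reply-To: payroll-update@mail.example.invalid
Subject: Action required: confirm your direct deposit
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Please review the attached form or confirm at http://example.invalid/confirm
--b1
Content-Type: application/octet-stream; name="DirectDeposit_Form.pdf.exe"
Content-Disposition: attachment; filename="DirectDeposit_Form.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AAA==
--b1--
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")

def _addrs(header):
    """Bare lower-cased addresses from a parsed address header (empty if absent)."""
    return sorted(a.addr_spec.lower() for a in header.addresses) if header else []

def _attachment_record(part):
    """Name, size and SHA-256 of an attachment; bytes are hashed, never run or saved."""
    data = part.get_payload(decode=True) or b""
    return {"filename": part.get_filename(), "size": len(data),
            "sha256": hashlib.sha256(data).hexdigest()}

def build_evidence(raw: bytes) -> dict:
    """Parse a raw message into an evidence record of headers, URLs and attachments.
    A Reply-To pointing somewhere other than the visible sender is a common lure trait."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reply_to, sender = _addrs(msg["Reply-To"]), _addrs(msg["From"])
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    return {
        "from": str(msg["From"]),
        "subject": str(msg["Subject"]),
        "reply_to_mismatch": bool(reply_to) and reply_to != sender,
        "urls": sorted(set(URL_RE.findall(text))),
        "attachments": [_attachment_record(p) for p in msg.iter_attachments()],
    }
```

Point `build_evidence` at the bytes of a saved `.eml` file and store the returned record alongside your screenshots; the hashes let IT or the impersonated party check the sample without you ever opening it.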

Contact the Impersonated or Relevant Party

From here, we advise working on a separate device or skipping directly to scrubbing your computer and restoring it from clean backups.

Now it’s time to start getting confirmations and building a report. Start by reaching out to whoever was impersonated or referenced in the phish-bait. If a coworker or boss was impersonated, touch base with them. Send an email or set up a video call. Tell them what the message said and how they were impersonated. This is a matter of identity theft as well, so they deserve to be involved.

If an organization was involved, contact them. For example, if the hacker impersonated your bank’s customer service system, call the bank to start a report. They will want to know how gaps in their security have given hackers an opening, and fix them.

Alert Your Employer & IT Department

Any time you are targeted for a hack, it’s a good idea to loop in your employer. Even if the phish seemed to impersonate and focus on family or your personal finances, there’s a chance your employer was the ultimate target. Many companies will rally in defense of a team member and use your situation to keep everyone in the company safe from similar attacks.

Also get in touch with your IT department. Let them know the vector of attack and ask if they want a report on the method and a crack at the malware. The answer will likely be yes.

Report Internet Crime to the FBI

In legal terms, phishing is Internet Fraud, which is a crime. Because internet crime often spans state lines indiscriminately, it falls under the FBI’s jurisdiction. The FBI actively tracks hackers and malware scams and appreciates well-constructed reports when hacking attempts occur. After you have talked to your company’s IT department about their hacking response policy, report the attempt to the FBI.

Head over to the Internet Crime Complaint Center (IC3) and file a complaint. There’s a handy online form so that you don’t have to personally call or hand-address a letter to your local FBI field office.

Scrub Your Computer & Restore from Backups

Once you have alerted the affected parties and the teams dedicated to stopping hackers, it’s safe to fully wipe your computer and restore from backups. If there are files you need to retrieve, work with your company’s IT department or an outsourced expert to do so safely. Then restore the entire system to factory settings and reload all your programs, files, and settings from a backup.

The more recent and complete your backup is, the easier it is to bounce back from malware, device damage, and other data-fatal errors.

Recognizing phishing has become a necessary part of modern self-defense. We each look out for ourselves, making the entire community stronger against certain kinds of attacks. Hackers have been going hard on impersonations and taking advantage of physical distance between professionals, but we don’t have to let them. With awareness and a good response plan, it can be easy to identify phishing attempts and even turn the tables on the would-be hackers.

Here at BWS Technologies, we specialize in helping teams create network security individually and as a company. Contact us today for more social hacking defense insights, services, and professional guides. We’ll help hone your team’s unique security and workflow tech.