You’ve been hacked, now what?
After a successful engagement and approval for your Finance Team to make payment to your supplier that played an instrumental role in the success achieved from the engagement, you get word from them that they didn’t receive payment. After checking with Finance, you are reassured that the payment was successfully made. However, after a few days your supplier still contacts you with a demand for payment. After personally following this up, it comes to your attention that Finance was correct, the payment was processed successfully but to the incorrect bank account.
After investigation, it turns out that an email instruction was given to Finance to process payment to the supplier’s updated banking details from what seemed to be a legitimate email from the supplier. To your horror, you come to realise that, like hundreds of other companies, you have been hacked!
A closer look at this incident confirms that the payment was successfully made to a ‘legitimate’ bank account but unfortunately not that of your supplier. In fact, it turns out that somehow someone (a hacker in this case) managed to gain access to the company user account of the individual in Finance. They then managed to fraudulently send an email that looked like it was from the supplier, requesting that the supplier’s bank account details be changed and payment made to the new account.
An experience like this can be terrifying and often leads to blaming others, fury and fear. The thought of someone invading your personal and confidential information can be a debilitating experience, especially when the victim has not done anything wrong or experienced anything out of the ordinary in terms of viruses or suspicious emails on their end.
The question from here is, “what do you do next”?
You know you have to act fast and make sense of the situation while proceeding swiftly to try to recover what you can, including your reputation with your suppliers.
The natural response is to go to the police to report the incident and press possible charges. This is an important step, but often there is not much the police can do for you apart from issuing you with a case number.
Below are some further steps that can be implemented should you find yourselves in this scenario:
- Reset ALL your online account passwords e.g. LinkedIn, Facebook, shopping sites, etc.
This is particularly important if you are one of those people that share or use the same password for different online accounts. As tedious as this step might be, make sure that you reset your passwords for each and every account. This is important because once a hacker can access one account, their job is that much easier to hack into another.
Some great tips to help protect your user accounts are:
- Make use of a password generating application that can create strong passwords for your use and keep them safe for when required
- Use two-factor authentication – this is still one of the most effective ways of preventing hacking into your accounts through stolen passwords
- Have a backup email address for purposes of resetting accounts.
- Contact your bank and report the incident
Report the incident to your bank immediately. Most banks have advanced cyber teams to pick this up and assist you. Often your current account will be closed and a new one opened. This is also often followed by the issuing of new cards. The cost of issuing a new card and account is often negligible compared to the cost of potential further hacks resulting in fraudulent withdrawals or access to your accounts.
- Scan your device for viruses and malware
Run virus and malware scans on your machine. For obvious reasons you want to get rid of any programmes or means by which the hacker has access to your information. If you don’t have these tools in place, it is not too late – just make sure you upgrade your security and get the necessary cyber security controls.
- Remove sensitive data
When hacked, unfortunately, this is when most people realise just how much personal and confidential information they have on their machines. Make sure that all confidential or personal information is removed from your machine and preferably stored on an offline device like an encrypted external hard drive that cannot be accessed through online means.
- Perform a complete security assessment
To make sure that you have the correct cyber security and online controls in place, get an assessment done on your systems. This is an important step to help you protect your entire network and online ecosystem. If you have fallen victim to a hack, it makes you a target, and it can happen to you again.
- Let people know
In this case, speaking about your experience is a good thing. Not only does it help to protect others, but it allows them to be on the lookout for suspicious communication that could be used by hackers to expropriate money from unsuspecting friends or clients.
In summary, it’s important for us to realise that cybercrimes happen more frequently than reported. As the attacks get more sophisticated, many employees (whether in SMEs or large organisations) unfortunately fall victim. This could be due to inadequate awareness among employees or simply to not investing in online and cyber security controls.
Tiisa Group offers a unique range of products and services that help in mitigating the risk of a cyber attack e.g. security assessment and various cyber security and IT governance, risk management and compliance (GRC) solutions. Contact us and let’s see how we can assist you to not be a victim!