{"id":239,"date":"2016-06-22T15:02:07","date_gmt":"2016-06-22T19:02:07","guid":{"rendered":"http:\/\/www.heliotropicsystems.com\/blog\/?p=239"},"modified":"2016-06-22T15:05:31","modified_gmt":"2016-06-22T19:05:31","slug":"seven-steps-to-take-if-you-mistakenly-let-a-stranger-access-your-computer","status":"publish","type":"post","link":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/seven-steps-to-take-if-you-mistakenly-let-a-stranger-access-your-computer\/","title":{"rendered":"Seven Steps To Take If You Mistakenly Let A Stranger Access Your Computer"},"content":{"rendered":"

The last thing in the world I want to hear from a client is, \u201cI did something really stupid,\u201d because sometimes I am inclined to agree with them.\u00a0 This was the case the other day.\u00a0 I received a very distraught call in the middle of the afternoon. My client sputtered, \u201cI should have known better, but I just wasn\u2019t thinking.\u201d\u00a0 She went on to tell me that she received a phone call from someone who alerted her to the fact that something was wrong with her computer and that he had to remote in to fix it.<\/p>\n

What makes this situation a bit puzzling is that she uses a Mac, and most of these fake callers say they are from Microsoft.\u00a0 Now for the truly terrifying part:\u00a0 She proceeded to let a complete stranger remotely access her computer for about an hour.<\/p>\n

I won\u2019t go into the recriminations she must be feeling.\u00a0 While I tried to offer as much comfort as possible, I am quite embarrassed that one of my clients would not think to call me, or at least tell the person calling that \u201cI already have a computer guy who takes care of this for me.\u201d\u00a0 But that is not the point of this security brief.\u00a0 I need to concentrate your attention on what has to happen after<\/em> this atrocious event.<\/p>\n

I could try to come up with an analogy or equivalent in real life to what occurred, but words won\u2019t do it justice.\u00a0 In simple terms, it is a violation of personal space and privacy.\u00a0 This stranger had access to a computer that contained someone\u2019s life story.\u00a0 There are documents, which detail a variety of things, such as doctor appointments, banking information, letters to family members, and the like.\u00a0 There are the web sites that are bookmarked as favorites, including email, financial institutions, travel sites, and periodicals.\u00a0 These are the bits and pieces of everyday life that criminals will take and use to their advantage.<\/p>\n

There is a thriving black market in the digital underground.\u00a0 Credit card details sell for anywhere between $2 and $90; iTunes accounts go for $8, and physical credit cards for up to $190.\u00a0 The information this stranger could have obtained from this Mac can provide information to sell on the black market or to use for his own personal gain.\u00a0 I cannot stress this enough, what occurred to this client is extremely<\/strong> scary!<\/p>\n

Here are the seven steps<\/strong> <\/em>that I advise anyone in this kind of situation to take:<\/p>\n

    \n
  1. Contact your bank and change your checking and savings account numbers.\u00a0 The stranger tried to engage in a \u201cfair trade\u201d incident:\u00a0 The cost of my service is $250, but I mistakenly transferred $3,250 to your bank account.\u00a0 Please send me back the $3,000 in a wire transfer.\u00a0 This is total, complete, absolute fraud!\u00a0 But if you are scared about the situation \u2013 or don\u2019t realize the danger you are already in \u2013 you could easily send a small fortune to a criminal.\u00a0 Similarly, if your bank account information is stored on your computer that is personally identifiable information, which is something a criminal can use.<\/li>\n
  2. Contact your credit card companies and request that they issue you new cards.\u00a0 Explain that your accounts may have been compromised, and that rather than wait for the charges to appear and then have to explain them, you want to be proactive.\u00a0 Note that any merchant with which you have a recurring charge will need to be notified of the change in card number.<\/li>\n
  3. Contact the three credit reporting agencies (TransUnion, Experian, and Equifax) and have them put a credit freeze in place.\u00a0 Refer to https:\/\/www.consumer.ftc.gov\/articles\/0497-credit-freeze-faqs<\/a> for more information.\u00a0 There may be a nominal fee for this, but your peace of mind is a priority.\u00a0 If any criminal attempts to open a new credit card, or purchase something that triggers a credit check, you will receive a call from the credit bureau to verify that you are, in fact, making the request.\u00a0 If the criminal is doing this, you can stop it immediately.\u00a0 Note that\u00a0 when you take this action it does not affect your credit score.\n

    While you are in contact with these agencies, ask them for your current credit report \u2013 this is free.\u00a0 Review it to make sure it is accurate; if it is not, make sure you go through the (sometimes arduous) process of correcting any errors.<\/li>\n

  4. If you have an online brokerage account, change your password!\u00a0 Then contact that company and find out what measures you can take to protect yourself against any fraudulent transactions.<\/li>\n
  5. Change the password on your email account(s).\u00a0 This person may have picked up a saved password and used a translator to hack it.\u00a0 You don\u2019t want your friends, acquaintances, or businesses you deal with to receive emails that purport to be from you.\u00a0 Make sure the password is something you can remember, but is still complex enough to be difficult to guess.<\/li>\n
  6. Change the password on the Mac and the Apple Store account with it.\u00a0 In this case, a hacker would need the Mac\u2019s administrator ID to install any additional software.\u00a0 By changing the password, the likelihood of the criminal using the old one is eliminated.\u00a0 Similarly, changing the password for the Apple Store account will prevent fraudulent charges for music and software from taking place.\u00a0 The key thing is to also update any iPhones or iPads with this same information.<\/li>\n
  7. If there is any evidence that any private personal information (e.g., Social Security number, driver\u2019s license number, or financial account number) has been misused, a report should be filed with the Federal Trade Commission (FTC) at https:\/\/www.identitytheft.gov\/<\/a> and then with your local police department.<\/li>\n<\/ol>\n

    I am sure that as time goes by I will amend this list, but for now I hope this will do.<\/p>\n

    In the meanwhile, this is as close a case of possible identity theft as I have seen since I started counseling you on the risks of Internet security.\u00a0 And while New Jersey has an Identity Theft Prevention Act that is enforced by the Division of Consumer Affairs, it is designed for businesses to protect the personal information it collects from customers.\u00a0 For consumers, some additional information is available here https:\/\/www.consumer.gov\/scams<\/a>.\u00a0 It is similar to what I have proposed; you essentially have to become your own advocate after the fact to keep yourself safe.\u00a0 The easier, smarter, thing to do is to avoid becoming a victim in the first place.<\/p>\n

    Any questions?\u00a0 Send them to info@heliotropicsystems.com or call 866-912-8808.<\/p>\n","protected":false},"excerpt":{"rendered":"

    The last thing in the world I want to hear from a client is, \u201cI did something really stupid,\u201d because sometimes I am inclined to agree with them.\u00a0 This was the case the other day.\u00a0 I received a very distraught call in the middle of the afternoon. My client sputtered, \u201cI should have known better, …<\/span> Read More →<\/span><\/a><\/span><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[7,41,40],"tags":[],"class_list":["post-239","post","type-post","status-publish","format-standard","hentry","category-everyone","category-phishing","category-security"],"_links":{"self":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=239"}],"version-history":[{"count":2,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/239\/revisions"}],"predecessor-version":[{"id":241,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/239\/revisions\/241"}],"wp:attachment":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}