Hacking can present itself in many ways, including phishing attempts, malware, spyware, and viruses.
If you feel as though any of the above has occurred to one of your accounts or devices, report it immediately by emailing dasa-tech-help@ncsu.edu (please copy security@help.ncsu.edu)
Do not try to fix it yourself.
If you believe your device or account has been wrongfully accessed, here are some steps you can take:
- Use another machine to change all of your passwords: Hackers can capture your keystrokes, so you’ll be best protected by getting away from the hacked computer. Start with your most important accounts such as banking and email. Do not use any given password for more than one account. Once a hacker knows one of your passwords, the hacker will use it to attempt access to your other accounts.
- Use a password manager: Use a password manager software app or application to manage all your passwords. Some browsers, like Chrome, have a convenient, built-in password manager; however, all browser password managers are vulnerable to malware. The best password managers are LastPass and 1Password. Both are free, but you can pay a premium for additional features.
- Enable two-factor authentication (2FA): To protect your online accounts and especially to protect a password manager installed on your laptops, computers and smart devices, enable 2FA. Google 2-Step and Duo are both available and required for NC State employees. It is much more difficult for a hacker to access your data if you use 2FA. In addition to knowing your password, the hacker must also have the physical device you use as your second type of authentication, such as a USB security key; a code delivered via text, voice call or mobile app; a printed backup code; or a push notification on your smartphone. Do not share your second type of authentication, such as codes, with anyone.
- Report fraud: If your bank has not contacted you already about suspected fraud, call and report it right away. Put a freeze on all your credit cards as well.
- Update your antivirus: Follow the steps your antivirus software recommends.
- Check for new accounts: Check your Inbox, Spam, Trash, and Sent email folders for evidence that your email was used to set up new accounts — such as emails with subject lines that say, “Your account was successfully created,” or “Please verify your email.” If you do find such evidence, try logging in to those new accounts and use the reset password feature to gain access and delete the new accounts.
- Reinstall operating system and back up files: Reinstall your operating system, wipe your hard drive clean, and retrieve your backup files. If you don’t feel comfortable doing this, enlist the assistance of an IT professional you know and trust. It is absolutely worth your time.