Not all suspicious behavior is a hack.
Well, it depends.
I’ll look at several approaches, but I need to be honest: you may not always be able to tell — at least not right away.
Become a Patron of Ask Leo! and go ad-free!
You can often tell your email account has been hacked if your contacts — not just one or two, but many contacts — start getting spam from you. When it comes to your computer, unexpected activity may be the only sign, and can be easily mistaken for normal operation. Unexpected activity directly in your online accounts can also indicate a hack, but duplicate or clone accounts are not a sign of a hack. Finally, a sudden inability to sign in to an account is probably the most common first sign of a hack.
Email hacks are one of the easiest to recognize because your contacts may be the first to know.
If you suddenly get multiple messages from your contacts, saying they’ve received spam email from your address — not your name, your actual email address — there’s a pretty good chance your email account has been hacked.
That this rash of reports comes from your contacts — the entries in your contacts list or address book — is important.
Spammers can easily send email that looks like it’s coming from you without hacking your account. It’s called “from: spoofing” and doesn’t use your account at all. Spammers just forge email and send it out to random people on the internet.
On the other hand, if you’re getting multiple reports from people listed in your address book, that’s the clue that something’s up. The spammer may have hacked your account and could be using your address book as a target for their messages.
If this is happening to you, review my article, “Email Hacked? The 7 Things You Need to Do Right Away.” It lists the steps you need to take. It’s not enough to just change your password; there are other things you need to do.
When hackers attack a computer, they go to great lengths to hide. That means you can’t always easily determine what’s wrong.
I do have an article — “How Can I Tell If My Computer Is Being Hacked?” — which might give you a good start.
There are a couple of possible indications that something is up.
- An abnormal increase in internet or network activity. Unless you actively monitor your internet connection (and I know of no one who does), this usually manifests as slow internet access when you know you’re not doing anything special. In recent years, this has become significantly more difficult to diagnose, however, since most people have multiple devices connected to the internet that could be hogging the connection.
- Unexpected disk activity. This is a similar scenario; a hacker or malware is accessing files on your computer. This is one of the early warning signs of ransomware performing its malicious task. Again, you have to know what’s normal and what’s not. The problem is that many programs access the disk even when you’re not using the computer.
Prevention is significantly easier than detection. Follow the guidelines outlined in Internet Safety: 7 Steps to Keeping Your Computer Safe on the Internet to prevent this from happening in the first place. It’s very difficult for the average computer user to tell if their computer has been hacked.
Like email, a hack of your Facebook account tends to be clearer than that of your computer. The first sign is when posts or messages appear on Facebook that look like they came from you, but you know you had nothing to do with.
It’s important to note that liking a page or playing a game can sometimes allow them to post things on your behalf. That’s generally not a sign of a hack. It’s when something appears that could only have been posted or messaged by you, and yet you know you didn’t, that we suspect a hack.
Once again, the same kinds of things we discussed in respect to email apply to Facebook. You need to change your password and change (or at least confirm) your recovery settings.
It’s also important to realize that a duplicate account made to look like your account is not a hack. It’s just someone creating an account on Facebook using your name, photos, and other information. You can report it to Facebook, but again: you have not been hacked.
What about passwords?
One thing I haven’t mentioned yet is passwords.
By far the most common sign that your account has been hacked is that you can no longer log in because your password has been changed. That’s a pretty clear sign, and has a pretty clear resolution path: use the account recovery options you’ve set up to recover access to your account.
Hackers are sneaky, though. Sometimes they’ll purposely leave the password unchanged to delay your discovery of the problem. The longer you don’t realize it, the longer they can do whatever the heck they’re doing.
Have you been hacked? What tipped you off?
As you can tell, unless your password’s been changed, it can be difficult to tell you’ve been hacked at all.
If that’s happened to you, I’d be interested in learning how you figured it out. What kinds of things tipped you off? What made you suspicious?
Leave a comment below with your experience.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!