866-297-29007 AM - 1 AM Eastern Standard Time (EST)

Hacked by Russians: A True Story in 15 Steps

by John Ogren, Founder and CEO

The first sign of trouble was an email from SpeedConnect’s CFO on Thursday morning. She had an email from me asking her to wire money. It looked like my email, but something tipped her off that it was not quite right, mostly because it was addressed to her home email. I took it lightly, not the first time some miscreant tried to trick us into a money wire scam. It happens too often – we have even had the FBI involved on a couple of earlier attempts – and so I figured it was the same sort of thing. It did bother me that it was addressed to a personal email address, but not enough to think much more about it.

Friday morning, my business manager received a similar email, and this time we looked a little closer. We noticed that although it looked like it came from me, in fact, the “bad guy” (or gal) had taken the trouble and expense to create and register a seemingly credible domain name to perpetrate his scam.

We notified the FBI, opened a case and I sent an email to everyone who works for me to be careful as this was going on. I went back to my routine, and again thought of it as happening only outside of my inner circle – not in my home.

Then came Saturday morning, and it was no longer outside. A notice came from Apple at 9:45 AM, which said that an IP address and unknown browser, from Russia no less, was logged in to my iCloud account. Needless to say I was both shocked and overwhelmed, and for a moment scared to the bone. Some very element had hacked me, was looking at my stuff and trying to use my information for obviously unlawful reasons.

So. What to do. I needed to react and react fast. Experts may argue about the order of my actions, but this is what I did:

  1. I changed my apple ID, and activated what is known as two-factor authentication. The directions for this can be found at https://support.apple.com/en-us/HT204915. From that point, any log on from any computer requires an authorization code sent to another of my devices, in my case my iPhone, but it can be any computer or device such as an iPad. This is something we should all do (see below).
  2. I disconnected all browsers attached to my account (such as Google, Bing, etc.). This is an option in iTunes; who knows why apple puts it there.
  3.  I called my credit card company and bankers to cancel all cards, and locked down all accounts.
  4. I reviewed all account transactions, and thank God did not find any theft.
  5.  I notified my LifeLock account, and looked for any signs of fraud. Lifelock is an identity theft protection company.

In the middle of all of this, and while methodically trying to control what is a totally out-of-control feeling, I received a notification from that Apple that the Russian IP address had tried and failed multiple attempts to log in to my iCloud account, and so my accounts were all being locked down!!!

Damn, “Vlad” was in. I had forced him out, but he was scrambling to get back in. What did he see, how much had been lost, what did he know – my contacts, my email, my accounts? Again, time to react and react fast.

And so, I juggled my list:

  1. I sent an email notice to everyone on my contact list that I had been hacked and to view any email from me with suspicion. More than a few of my contacts said it had happened to them also.
  2. I spent all day looking for trouble, combing through every website that I used which required a password – Amazon,Verizon, Linkedin, other utilities and social media.

I woke at 3:00 AM Sunday with my mind racing, and went around the house turning off my computers and routers. Yet I still no longer felt safe. It’s a horrible feeling.

Sunday:

  1. I updated firmware on my home routers and changed all passwords (There are 15 devices that use my home wireless router!)
  2. I searched Google for ideas about how it happened, and to try to learn something about how bad it was.

I would like to pass on some helpful sites which have valuable information about hacking, internet scams and fraud, in hopes that you may learn about what is out there potentially trying to steal your identity for monetary gain and protect yourself. 

  1. https://www.fbi.gov/scams-and-safety/on-the-internet
  2. https://www.consumer.ftc.gov/scam-alerts
  3. https://www.usa.gov/scams-and-frauds
  4. http://www.bbb.org/council/news-events/lists/bbb-scam-alerts/
  5. https://www.fbi.gov/news/stories/simple-steps-for-internet-safety
  1. From all of my research, I didn’t learn much about how bad my situation was, but that I was on the right track and my order of priorities was good.
  2. With ideas from the web, I turned data encryption on my storage devices, created new backup files and disabled JAVA browser access (turns out Java can snoop your computer if a bad guy uses it that way).
  3. I checked Safari to be certain it was running the highest level of security, and made certain nothing could access my contact list.
  4. I upgraded to the latest software for my computers and all applications.

Monday:

  1. I called Apple support to see if they could add anything. I started with iChat and ended up talking with one of their security experts – a nice fellow. I wanted a list of all of the devices that had logged into my iCloud account over the last week. They would not or could not provide that. I find that hard to believe, but I can’t get what they refuse to provide. Nonetheless, it was a helpful call and I learned that my steps were the right ones. More importantly, I learned that if I had two-factor security running this would not have ever happened. I supposed that is called, “closing the barn door after the horse is gone!”
  2. I placed a fraud alert with the credit agencies, and now wait for the replacement credit cards or a terrible alert from LifeLock that someone has applied for credit in my name.

I own an Internet company, how could this happen to me? It can happen to any of us! But two-step authentication can help to prevent it.

Two-step authentication, or two-step verification, is a process that uses two authentication methods in order to verify that someone requesting access is who they are declared to be. Step one is a password. However, it is vital to use strong passwords. Here is a link to help you choose a password the will help protect your accounts.

After a strong password, step two is a second layer of security so that even if someone knows your password, they can’t access your information. Often this is in the form of a verification code or a fingerprint to use on your trusted devices.

Find Apple’s Two-Step Authentication details here: https://support.apple.com/en-us/HT204915

Find Android Two-Step Authentication details here: http://www.androidcentral.com/two-factor-authentication-what-you-need-know

Finally, I would like to share an excerpt from the Federal Trade Commission, one of the many sites I searched for solutions during these unpleasant 15 steps:

Treat Your Personal Information Like Cash

Don’t hand it out to just anyone. Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. So every time you are asked for your personal information – whether in a web form, an email, a text, or a phone message – think about whether you can really trust the request. In an effort to steal your information, scammers will do everything they can to appear trustworthy. Read more here.

Be safe, friends.

SpeedConnect | High-Speed Premium Wireless Internet | Stream It | Game It | Watch It | Play It