Row midpoint Shape Decorative svg added to top

Cybersecurity

cybersecurity awareness month logo
Cyber Survival Guide header
National Cybersecurity Alliance logo
Campground cartoon drawing is in the background

Wooden signpost illustration that reads: "So you think you were PWNED (password compromised)...

The spirit of adventure beckons you online!

You have fun­ny GIFs to find, emails to ignore, pants to buy. But we all know that per­ils lurk in the dark cor­ners of the web, and, even when you try to main­tain good habits, you can encounter packs of cyber­crim­i­nals and mali­cious soft­ware.

What is there to do? Don’t despair! We’re here to help! Use the fol­low­ing as a sur­vival guide for when you think you down­loaded a virus, when you sus­pect an online account has been hacked, or a cyber­crim­i­nal is threat­en­ing to delete all your files unless you hand over some cryp­tocur­ren­cy.

With all these mishaps, the most com­mon way hack­ers get access to your pri­vate dig­i­tal life is through phish­ing – no, not the kind at a lake. Keep­ing your wits about you when a sus­pi­cious mes­sage slith­ers its way into your inbox can help you douse a hack­ing attempt before it ignites into some­thing more seri­ous.

Along our journey, we’ll tell you what to look out for so cybercriminals can’t set a hook in your data!

Campsite with backpack, tent, and campfire
Wooden signpost illustration that reads: "If you think your device has a virus..."

You’ve probably heard spine-tingling tales around the digital campfire about computer viruses and the chaos they leave in their wake.

Slug­gish devices, sen­si­tive infor­ma­tion pur­loined, a lap­top trans­formed into an expen­sive, inop­er­a­tive paper­weight. Virus­es and mal­ware are very real haz­ards swarm­ing around the inter­net, but you can bush­whack them away with con­cert­ed action and a qual­i­ty antivirus pro­gram, and then you can take proac­tive action to keep their ten­drils from vin­ing around your device!

Common symptoms of a computer virus:

  • Sud­den­ly slow com­put­er per­for­mance

  • Com­put­er unex­pect­ed­ly shut­ting down or restart­ing

  • Over­worked hard dri­ve caus­ing your com­put­er’s inter­nal fan to run often

  • Fre­quent error mes­sages and unex­pect­ed pop-up win­dows

  • Unknown appli­ca­tions (like web brows­er tool­bars) that appear with­out you down­load­ing them

  • Fre­quent sys­tem crash­es

  • Lag­ging web brows­er or your web brows­er con­stant­ly redi­rects

  • Mal­func­tion­ing antivirus pro­grams or fire­walls

  • Miss­ing files

Campsite with backpack, tent, and campfire

What to do if you think you have a virus:

1. Run a full sys­tem scan with your antivirus soft­ware.

2. Restore your com­put­er to an ear­li­er back­up if you can­not delete the infect­ed files. Run a full sys­tem scan again.

3. Delete all the tem­po­rary files on your device.

4. Go Safe Mode: if you can­not delete all the tem­po­rary files, try boot­ing up your sys­tem in “Safe Mode” and attempt to delete them again.

5. If you still can­not get rid of the virus, wipe the entire hard dri­ve and rein­stall your oper­at­ing sys­tem.

This is called “reimag­ing your machine” and will delete all your files and doc­u­ments (which is why we rec­om­mend prac­tic­ing good back­up habits). Although there are rare instances where a com­put­er virus sur­vives a dri­ve reimag­ing, this will gen­er­al­ly elim­i­nate the vast major­i­ty of virus­es.

Wooden signpost illustration that reads: "If you think your account has been hacked..."

Fear­less inter­net explor­ers, you have the pow­er to reclaim your online accounts even if a hack­er sneaks in! With some quick, sure-foot­ed action, you can shoo cyber­crim­i­nals out of your social media, email, or oth­er account and push them back into the dig­i­tal wilder­ness. Let’s look at how you can iden­ti­fy if one (or sev­er­al) of your accounts have been com­pro­mised and how you can restore order to your online base­camp.

Look out for tell-tale signs that your account has been hacked.

  • Your social media pro­file pub­lish­es posts that you didn’t cre­ate

  • Your social media pro­file sends phish­ing DMs to fol­low­ers encour­ag­ing them to click on a link, down­load an app, or buy some­thing

  • Friends and fol­low­ers tell you that they’ve received emails or mes­sages that you nev­er sent

  • A com­pa­ny alerts you that your account infor­ma­tion was lost or stolen in a data breach

Campsite with backpack, tent, and campfire

What to do if you think your account has been hacked:

1. Change the accoun­t’s pass­word right away.

You can often lock out a cyber­crim­i­nal by chang­ing the accoun­t’s pass­word. Unfor­tu­nate­ly, this can also work the oth­er way around: the hack­er might change the pass­word and lock you out. If this hap­pens, use the accoun­t’s “For­got my Pass­word” func­tion to reset it. If more help is need­ed, con­tact the online plat­form or web­site ASAP about the sit­u­a­tion.

2. Noti­fy your con­tacts that your account was hacked and that they might receive spam mes­sages that look like they came from you.

Instruct your friends, fam­i­ly, col­leagues, fol­low­ers, and oth­er con­tacts not to open these mes­sages or click on any links con­tained in them. When the sit­u­a­tion is cleared up, let every­one know that your accounts are secure again.

3. Run a full sys­tem scan of your com­put­er using your antivirus soft­ware.

4. Get help.

If you sus­pect some­one has stolen mon­ey from you, con­tact your bank and the local police. If a work account was com­pro­mised, con­tact your com­pa­ny’s IT depart­ment. If you think your iden­ti­ty was stolen, con­tact the three cred­it bureaus and the FTC. Con­tact the respec­tive online plat­form regard­ing the hacked account. Con­tact trust­ed friends and fam­i­ly about the mat­ter so they can be on the look­out for weird com­mu­ni­ca­tions from your online pro­files.

Wooden signpost illustration that reads: "If you are infected with ransomware..."

Unlike white-water raft­ing, ran­somware is an adren­a­line rush no one wants to have. Pic­ture this: you savor­ing your morn­ing cup of cof­fee, fire up your com­put­er, and dis­cov­er that you can’t access any of your pre­cious files along with a taunt­ing mes­sage from nasty hack­ers say­ing your data will be toast unless you pay a ran­som. This means you’ve been struck by ran­somware, a seri­ous crime that has recent­ly been on the rise. Here are some tech­niques to take on dig­i­tal hostage-tak­ers.

1. Stay calm and focused. Hack­ers want to send you into a state of pan­ic – don’t let them! By main­tain­ing your cool, you can make more informed deci­sions. Even if the sit­u­a­tion is dire, a calm approach will ensure you are tak­ing stock of all your options.

2. Take a pho­to of the ran­somware mes­sage for evi­dence.

3. Quar­an­tine your device by dis­con­nect­ing from Wi-Fi and unplug­ging any eth­er­net cables. Remove any exter­nal hard dri­ves or thumb dri­ves ASAP because many ran­somware pro­grams will try to cor­rupt your back­ups.

4. Check your antivirus soft­ware to see if it has decryp­tion tools to remove the ran­somware. Depend­ing on the mal­ware, your antivirus soft­ware might be able to decrypt your data with­out requir­ing you to pay a ran­som to any­one. Even if you can’t undo the encryp­tion, the soft­ware might be able to iden­ti­fy the strain of ran­somware which will help with the inves­ti­ga­tion.

5. Wipe your hard dri­ve and rein­stall your oper­at­ing sys­tem. Ide­al­ly, you will have backed up your files on the cloud or an exter­nal hard dri­ve. Wip­ing your hard dri­ve will elim­i­nate every­thing you saved on your com­put­er, but it might also elim­i­nate the ran­somware pro­gram, too.

6. Report the ran­somware attack to your local police depart­ment, the FBI, CISA, and the U.S. Secret Ser­vice.

7. Should you pay the ran­som? We rec­om­mend nev­er pay­ing out dur­ing a ran­somware attack because it only fuels more cyber­crime. If you have exhaust­ed every option and you believe the files being held hostage are worth the ran­som, con­sid­er that there is no guar­an­tee that the cyber­crim­i­nals will decrypt your files even if you pay. Con­sult with law enforce­ment, cyber­se­cu­ri­ty pro­fes­sion­als, and legal advi­sors to assess the sit­u­a­tion and make an informed deci­sion.

8. Once you have con­trol of your device again, change all your pass­words because the hack­ers could’ve looked through pass­words saved on your web brows­er or else­where.

Wooden signpost illustration that reads: "Be Prepared"

As with most things in our real and online lives, pre­vent­ing hack­ing is eas­i­er than deal­ing with the fall­out after it has hap­pened in the major­i­ty of cas­es. By prac­tic­ing some good cyber hygiene behav­iors, you can stay on the trail head­ed to amaz­ing inter­net expe­ri­ences!

Most of the unfor­tu­nate events described in this guide are caused by a phish­ing attack, which is when a cyber­crim­i­nal sends you an email, mes­sage, social media post, or text that includes a mali­cious down­load or link. If the hack­er can trick you into click­ing, you risk down­load­ing a virus, los­ing con­trol of an account, or becom­ing held hostage by ran­somware.

Here are some common signs of a phishing message:

  • Does it contain an offer that’s too good to be true?

  • Does it include language that’s urgent, alarming, or threatening?

  • Is it poorly crafted writing riddled with misspellings and bad grammar?

  • Is the greeting ambiguous or very generic?

  • Does it include requests to send personal information?

  • Does it stress an urgency to click on unfamiliar hyperlinks or attachments?

  • Does the sender’s e‑mail address match the company it’s coming from?

  • Look for little misspellings like pavpal.com or anazon.com.

Cybersecurity tips displayed on campsite-style signposts.
Down­load this Guide [PDF]

Start typing and press enter to search

Loading...