Cybercriminals try to leave no trace as they break into bank accounts, phones and PCs – but if someone is inside your social media and email accounts, there can be warning signs.
‘White hat’ hacker Ash Shatrieh uses similar techniques to real cybercriminals in order to ‘test’ cyber defenses and warn people that they are at risk.
Shatrieh, who works as a Threat Intelligence Researcher at F-Secure, told DailyMail.com about the subtle but telltale signs you have been hacked.
They include seeing different content than you’re used to on your timeline, or no longer receiving notifications on your phone like you used to.
If someone is inside your social media and email accounts, there can be warning signs
He said: ‘In response to any suspicious account activity, you should contact the service provider and reset your password to something strong, ideally random letters, numbers and characters.
‘In some cases your device (like a PC) might even be compromised by info stealing malware, in which case it’s important to run an antivirus scan on your computer.’
These are his signs to look out for:
Ash Shatrieh works as a Threat Intelligence Researcher at F-Secure (F-Secure)
The content you see on social media changes
If you suddenly start seeing unfamiliar content on social media – or content in new languages, it can be a sign someone is in your account.
Shatrieh said: ‘Be alert to changes in the content you’re seeing on social media.
‘Sudden shifts, such as an influx of posts in unfamiliar languages or suggestions from accounts you haven’t engaged with, could indicate suspicious activity.
‘Social media algorithms are tailored to your preferences, and unexpected changes might signify unauthorized access.’
You get messages, but no notifications
If you see messages appear in your account, but are not getting your usual notifications on your phone, it could be a warning sign someone else is seeing them first.
The hacker could have set up rules within your inbox to divert certain messages – so they can compromise further accounts including bank accounts, Shatrieh warned.
Shatrieh said: ‘Be wary if you observe the presence of new, unread emails without receiving corresponding notifications and experience delays in delivery.
‘This could be an indication that hackers have set up rules which can divert or hide emails from your inbox, suggesting that the hacker may be selectively releasing certain messages while concealing others.’
Shatrieh added: ‘Check your Inbox settings to see if there are rules diverting emails to addresses you don’t know.’
Very small transactions appear in your online banking
The goal of most hackers is simple – they want to get money, and as soon as they are in an email account, they will attempt to perform actions including compromising bank accounts.
Even small unrecognized charges (such as a few cents) can be a warning sign.
Shatrieh said: ‘Regularly review bank or credit card statements for unauthorized transactions. Hackers might initiate small transactions as a test before attempting larger ones.
‘Stay vigilant, even with seemingly insignificant amounts and report any suspicious transactions to your bank immediately. If you see attempts to spend on your card, call your bank and cancel the card.’
A new ‘trusted device’ appears
Most online services have a list of ‘trusted devices’ – if you see one there that’s not yours, it’s a warning sign that something suspicious is happening.
Shatrieh said: ‘Keep an eye on the list of “trusted devices” or “logged-in devices” provided by service providers. Unfamiliar devices, especially from remote locations, could signal unauthorized access.
‘This information may help identify the potential source of the hack. Again, on Gmail you can do this by checking the activity logs.
‘Note that one compromised account doesn’t imply others are compromised; it could be an isolated incident.’
A yellow banner appears under your email
In Gmail on a desktop, you’ll see a yellow banner showing that someone has logged in from an unfamiliar location – it’s underneath the mail email window.
Most online services will offer activity logs which can let you monitor logins – and can help pinpoint hackers.
Shatrieh said: ‘Regularly check activity logs provided by services to monitor login timestamps and IP addresses.
‘For instance, in Gmail, an unfamiliar location might trigger a yellow banner at the bottom. Investigate unusual activity, revoke unknown sessions (you can also request to sign out on all logged in devices), and secure your account promptly by resetting your login credentials. Remember, compromised devices may lead to a compromised account.’
Your account is suspended
A key warning sign of malicious activity is if your account is suddenly suspended or canceled, Shatrieh said.
Shatrieh said: ‘Watch for Unexpected Account Terminations, ‘If you receive notifications about account suspensions or terminations, it might indicate malicious activities.
‘Contact the service providers immediately to investigate and resolve the issue.
If you’re logged out suddenly, this can also be a warning sign, Shatrieh said.
‘If you find yourself repeatedly logged out without initiating it, investigate for suspicious login attempts.
‘Check your active sessions, trusted devices and logging-in devices list and if anything looks suspicious then revoke access, change your password and check that multi-factor authentication is set up and working properly.’