I got hacked last night after clicking a link in Discord. A hacker had taken control of a friend's account and tricked me into clicking a link. He was able to access my passwords and even displayed them in real-time. After changing my email and password, he showed me screenshots of my email inbox.
I ran antivirus software and found a Trojan horse, which I believe I've dealt with since I've run multiple scans with programs like Malwarebytes, AVG, and McAfee. I managed to recover my accounts by paying the hacker, but now I've set up two-factor authentication (2FA) and changed my passwords for everything. Today, I noticed attempts to log into my Netflix, and I received a notification asking if I was trying to log in to my email. The hacker mentioned selling my information, so I'm worried about further issues.
What other steps can I take to ensure my safety?
2 Answers
It's a scorched earth policy for sure. I’d recommend burning your old email accounts and backing up any important emails you need. Create new Outlook or Gmail accounts and use a password manager like 1Password to generate strong passwords. Get rid of any old passwords that may be similar to your new ones. Stay safe!
I’ve already ditched all my old passwords and opted for completely new ones with 2FA, but I’d rather not create new emails if it’s avoidable. Is there any way to keep my current email safe from the virus? Are the antivirus scans I’ve run sufficient?
First off, you need to clean your computer thoroughly. The best way to handle this is to perform a clean install of Windows. Make sure to back up any important files that you haven’t already done. Use this guide for the clean install: [link]. Just remember to create the installer using a fresh USB on a non-infected machine to avoid reinfection. After reinstalling, change all your passwords again. Also, consider canceling services like Netflix and setting them up with a new email the hacker doesn’t know about since they might keep trying to access your accounts.
Yes, using a mobile authenticator for your 2FA is key since your mobile number can be spoofed. Make sure to set that up!