Stop using the infected computer until you are sure it is clean.
Run updated and reputable antivirus programs (listed below) and perform a full scan. This action alone cannot guarantee that the computer is clean of all malware, however, it is the least disruptive. The most effective and guaranteed way to be sure your computer is clean is to reload the entire operating system. Reloading your operating system is quite disruptive. You must find a way to back up all your important files, it can be time-consuming and is an advanced task that you may need to have a trained computer technician perform.

Reset your passwords.
You should immediately reset all your passwords for accounts that you have used from the compromised computer. However, you should change your accounts from a different computer that you know is not infected. This includes sites like social networking, banking, other email accounts and healthcare to name a few. Every site should use a different password. All your passwords should be strong passwords (see tips on creating a strong password) that do not include personal information such as birthdates, names and other identifiable information.

Check your accounts for suspicious behavior.
Keep an eye out on your banking transactions, look for changes to your account settings such as changes to addresses, email addresses or phone numbers. Criminals will change this contact information and then use it to further compromise your accounts. Check your credit report annually.

Ask yourself how you may have been hacked.
Once you’ve gained control and security again, sit down and try to figure out why you were hacked. Often, its simple behaviors that allow us to get hacked. You may have had a weak password. You might have clicked on a link in an email from a friend and that could have opened the gates to a hacker. Or you might have downloaded an attachment thinking it was safe. You may have followed a link to what you thought was your financial institution’s official website when in fact it was a hacker’s site. Even though there are antivirus programs and other security measures in place to help protect our computers and personal information, nothing protects your security more than vigilance.

Use strong passwords that can’t be easily guessed.
Make passwords difficult to guess. Don’t use personal information such as names or places. Use a mix of upper and lower case characters as well as numbers and special characters. Change default passwords on your home network equipment such as wireless routers. Longer passwords are harder to break; Eight characters are the recommended minimum length, but 10+ is even more secure.

Beware of scams.
Don’t click on email links or attachments that you are not expecting. Don’t respond to emails or calls asking for information such as passwords, Social Security or account numbers. Change your password if you ever suspect you have been targeted by a scam.

Protect your personal information.
Do not store sensitive information on your computer unencrypted. This includes passwords, Social Security numbers, tax or banking information, or intellectual property. Don’t log into web pages that do not use HTTPS. Use encryption on your wireless router. Make a backup of your data and store backups in a safe place.

Use a cybersecurity solution.
The undeniable benefits that come from connecting more and more of our lives unfortunately can put our home networks, our devices, and even our identities at risk – this is why we created MTA Shield. MTA Shield provides unique privacy features to keep members’ data private both at home and on the go, a variety of user management tools, as well as identity protection features. When combined with MTA’s totalWiFi package, members will have greater peace of mind than ever before when it comes to their data security and privacy. Learn more here.

Protect your portable devices with a password.
Most smartphone users carry with them a wealth of personal information including email, text messages and contacts. This is valuable information to cyber-criminals and nosey strangers alike. Make sure your portable devices are password protected.

Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware.

Please be extra cautious about links contained in emails, even if they appear legitimate and professional looking. Some phishing emails can be very convincing. Phishing emails prey on your emotions whether it be anxiety, excitement, or curiosity. For example, here is a recent fake warning from the Federal Trade Commission.

The link in the fake Federal Trade Commission email claims to be a complaint letter. However, when you use your mouse to hover over the link, a popup reveals a suspicious-looking URL. In this case, the link contains malicious software.

Fake Microsoft Emails

The “Microsoft” email (shown below) is a scam. If you received this email, do not respond to it. If you wish to file a consumer complaint, please contact the Federal Trade Commission at 877-FTC-HELP (877-382-4357) or https://www.identitytheft.gov/.

Online Pop-Up Is Not MTA

Local Internet customers have been reporting a large pop-up screen masquerading as an MTA survey or announcing that you have won a prize. The fake survey claims you were randomly selected and offers to enter you into a drawing for a prize. The scam includes a pop up which resembles MTA’s logo. This scam is being generated by an overseas entity that has no association with MTA. If you receive a pop-up screen like this, DO NOT CLICK ON IT.

Here is some helpful IdentityTheft.gov information for when information is lost of exposed.