Pages in topic: [1 2] > | Cyberattacked: what should I do to be safe again? Thread poster: María C Turri
| María C Turri Argentina Local time: 16:45 Member (2019) English to Spanish
Hello, everyone. On Saturday, I downloaded a piece of malicious software by mistake and, even though I turned the laptop off as soon as I noticed, pyrates got hold of all the passwords I had stored in my Google account. So far, they stole money from PayPal and tried on Skrill and Transferwise, as well as my local bank. I have set up 2 steps authentication for everything I could now but still, I don't feel safe, plus I have an awful lot of new passwords to remember. Do you have any ... See more Hello, everyone. On Saturday, I downloaded a piece of malicious software by mistake and, even though I turned the laptop off as soon as I noticed, pyrates got hold of all the passwords I had stored in my Google account. So far, they stole money from PayPal and tried on Skrill and Transferwise, as well as my local bank. I have set up 2 steps authentication for everything I could now but still, I don't feel safe, plus I have an awful lot of new passwords to remember. Do you have any suggestions? I was using a Gmail account because I couldn't afford anything better, but now that things are improving for me I think I need to invest. And certainly, a new antivirus, for Windows Defender is not enough. Could you recommend me a good one? I know I should have thought about this before, and believe me that I'm mortified enough, so please be kind in your responses. ▲ Collapse | | |
It must be really frustrating. As for the money stolen from PayPal, you should report it as a fraudulent transaction and ask them to reverse it, since you didn't authorise it. As for security software, I can warmly recommend Webroot SecureAnywhere, which has kept me safe for many years and doesn't consume a lot of resources or cause conflicts with legitimate software. ... See more It must be really frustrating. As for the money stolen from PayPal, you should report it as a fraudulent transaction and ask them to reverse it, since you didn't authorise it. As for security software, I can warmly recommend Webroot SecureAnywhere, which has kept me safe for many years and doesn't consume a lot of resources or cause conflicts with legitimate software. https://uk.pcmag.com/antivirus/36570/webroot-secureanywhere-antivirus How did you get tricked into downloading the virus? ▲ Collapse | | | María C Turri Argentina Local time: 16:45 Member (2019) English to Spanish TOPIC STARTER Got tricked, yes | Feb 8, 2021 |
The first thing I did when I noticed the problem was report it to PayPal. They say "the transaction matches my previous behavior (?)" and they don't see any problems with it, so they won't reimburse me. It's a transaction made to a Gmail account (the first in my PP history) and it's called "loan" (quoting marks included). This is what made me feel most insecure because I'm increasing the amounts I receive by PP and it's really frustrating to see that money go away just like that! Th... See more The first thing I did when I noticed the problem was report it to PayPal. They say "the transaction matches my previous behavior (?)" and they don't see any problems with it, so they won't reimburse me. It's a transaction made to a Gmail account (the first in my PP history) and it's called "loan" (quoting marks included). This is what made me feel most insecure because I'm increasing the amounts I receive by PP and it's really frustrating to see that money go away just like that! Thank you for the Antivirus recomendation, I'll give it a look! ▲ Collapse | | | Recep Kurt Türkiye Local time: 22:45 Member (2011) English to Turkish + ... What you can do to minimize the risks | Feb 8, 2021 |
1- Use strong passwords for all your accounts 2- Use a password manager to generate strong passwords/keep track of your accounts (Roboform) 3- Don't download stuff from sites you don't know. Don't click on links you are not sure about. Don't install software that you don't know. Do a little research first. 4- Always a good idea to have a good antivirus+firewall. There are plenty of choices (Kaspersky, Eset, Avast etc.) | |
|
|
Jo Macdonald Spain Local time: 21:45 Italian to English + ... Your answers are already in your questions Maria | Feb 8, 2021 |
You just need two passwords. 1. A low security one for less important things like Proz, facebook, Google login for example you can let your browser save if you want so you don't have to login again every time. 2. A high security one for money matters like the bank, Paypal, and anything else you want more security on. This can be a more secure password, but the most important thing is you never give it to anyone and especially never tell your browser or Google or any other program or ... See more You just need two passwords. 1. A low security one for less important things like Proz, facebook, Google login for example you can let your browser save if you want so you don't have to login again every time. 2. A high security one for money matters like the bank, Paypal, and anything else you want more security on. This can be a more secure password, but the most important thing is you never give it to anyone and especially never tell your browser or Google or any other program or web site/service to remember it, so every time you have to login again. This goes for your smartphone too. You can also set your browser to delete all cookies (including passwords) every time you close it and choose which one not to delete. 2-step authentication is good and banks should require this for bigger transactions. Obvious I know, but don't download and install hijack malware, click on dubious links in strange mails, etc. open/run/install .exe or image files sent as attachments. Personally I don't think you need another malware prog because I'm sure it will ask you "Do you want to save this password to save having to logon again next time?" and if you answer "Yes", which you shouldn't if it's a high security logon, you'll be in the same position you were before with money spending passwords saved in a Googly account, vulnerable to anyone who hijacks that account with those passwords saved in it. Don't use a "login with Google or facebook" option for anything important, their security is just an annoyance (to users) must be laughable to hackers.
[Edited at 2021-02-08 13:41 GMT] ▲ Collapse | | | Password manager | Feb 8, 2021 |
A passport manager does all the remembering for you (except the master password you use to access it !). It will also generate a random, secure password for each website if you ask it to, which means serious damage limitation even if someone does manage to get their hands on one of your passwords. I'm no expert, but I'm satisfied with the one I use: Dashlane. That said, I only use it for my PC: I believe they charge for syncing between devices. Worth having a look around for which b... See more A passport manager does all the remembering for you (except the master password you use to access it !). It will also generate a random, secure password for each website if you ask it to, which means serious damage limitation even if someone does manage to get their hands on one of your passwords. I'm no expert, but I'm satisfied with the one I use: Dashlane. That said, I only use it for my PC: I believe they charge for syncing between devices. Worth having a look around for which best suits your purposes/budget.
[Edited at 2021-02-08 13:43 GMT] ▲ Collapse | | | Use a password manager | Feb 8, 2021 |
One of the best things you can do security-wise is to use a Password manager, to safely store all your passwords. To unlock the password manager and retrieve your passwords, you only need to remember a single password, called the "master password". Of course this one needs to be super secure. Try to come up with a long phrase (maybe from a book you like, so that you can remember it easily), maybe adding a special character and/or numbers. Above anything, the strength o... See more One of the best things you can do security-wise is to use a Password manager, to safely store all your passwords. To unlock the password manager and retrieve your passwords, you only need to remember a single password, called the "master password". Of course this one needs to be super secure. Try to come up with a long phrase (maybe from a book you like, so that you can remember it easily), maybe adding a special character and/or numbers. Above anything, the strength of a password lies in it's length, not it's variety. Typically, a password manager helps you not only securely store your passwords, but also *generate new secure and unique passwords*. A password manager is then useful in that it remembers the passwords for you, so you can use complex ones like KLaxCzfiEKjgSiwxy3* (just an example). Make sure you create different passwords for each site. Especially for important accounts, such as your email account, and money-related accounts, check about how to improve your account security. For Google, you can use this Security Checkup: https://myaccount.google.com/security-checkup?hl=en You can also enable 2FA (Two factor security) for important accounts. I use Bitwarden (on my computer and on my phone) as my password manager, but you can find others too. Edit: Sorry for duplication of effort, I see other colleagues have already chimed in while I was writing my post! Edit2: I disagree with Jo Macdonald on one point. The email account security (Gmail in this case) needs to be the highest possible, not low. If an attacker can access your email account, they may be able to reset your other passwords too…
[Edited at 2021-02-08 13:47 GMT] ▲ Collapse | | | Typical PayPal | Feb 8, 2021 |
María C Turri wrote: The first thing I did when I noticed the problem was report it to PayPal. They say "the transaction matches my previous behavior (?)" and they don't see any problems with it, so they won't reimburse me. It's a transaction made to a Gmail account (the first in my PP history) and it's called "loan" (quoting marks included). That's par for the course with PayPal. I rarely use them. So many people have reported such problems with them. Do check their user agreement for your rights in such a situation and also your national regulations for payment services, and escalate this, using PayPal's complaints procedures. | |
|
|
María C Turri Argentina Local time: 16:45 Member (2019) English to Spanish TOPIC STARTER
I rarely use them. So many people have reported such problems with them. Do check their user agreement for your rights in such a situation and also your national regulations for payment services, and escalate this, using PayPal's complaints procedures.
I certainly will, even though nothing good may come out of it. Can I ask you what do you use instead of PayPal? Is any of those services more reliable? | | | María C Turri Argentina Local time: 16:45 Member (2019) English to Spanish TOPIC STARTER
Edit2: I disagree with Jo Macdonald on one point. The email account security (Gmail in this case) needs to be the highest possible, not low. If an attacker can access your email account, they may be able to reset your other passwords too…
[Edited at 2021-02-08 13:47 GMT]
That was exactly what happened to me. They ended up resetting my homebanking account. Luckily, I was fast enough to secure that money. Thank you, Jean. It really helps to have exhaustive explanations since cybersecurity is clearly not one of my strong areas. | | | Jo Macdonald Spain Local time: 21:45 Italian to English + ... Excellent point Jean | Feb 8, 2021 |
María C Turri wrote: Edit2: I disagree with Jo Macdonald on one point. The email account security (Gmail in this case) needs to be the highest possible, not low. If an attacker can access your email account, they may be able to reset your other passwords too…
[Edited at 2021-02-08 13:47 GMT] That was exactly what happened to me. They ended up resetting my homebanking account. Luckily, I was fast enough to secure that money. Thank you, Jean. It really helps to have exhaustive explanations since cybersecurity is clearly not one of my strong areas. Bitwarden looks good too. | | |
María C Turri wrote: I rarely use them. So many people have reported such problems with them. Do check their user agreement for your rights in such a situation and also your national regulations for payment services, and escalate this, using PayPal's complaints procedures. I certainly will, even though nothing good may come out of it. Can I ask you what do you use instead of PayPal? Is any of those services more reliable? Since I'm in the EU, all eurozone clients pay me by money transfer in euros. That's free and secure, but of no use to you. From the US, I use TransferWise. Fees are extremely low and it's a reliable company. But the service they offer depends on the country involved, so you'd need to check what's available for your country. If you can use TransferWise, note that you can also receive EUR and GBP payments through them. Don't give up with PayPal yet. I got scammed once, and PayPal, true to their reputation, did nothing to help. But I ended up finding a flaw in their procedures and told them I was going to complain to the financial regulator. Then they paid up. | |
|
|
Tina Vonhof (X) Canada Local time: 13:45 Dutch to English + ...
Thomas T. Frost wrote: María C Turri wrote: The first thing I did when I noticed the problem was report it to PayPal. They say "the transaction matches my previous behavior (?)" and they don't see any problems with it, so they won't reimburse me. It's a transaction made to a Gmail account (the first in my PP history) and it's called "loan" (quoting marks included). That's par for the course with PayPal. I rarely use them. So many people have reported such problems with them. Do check their user agreement for your rights in such a situation and also your national regulations for payment services, and escalate this, using PayPal's complaints procedures. Paypal suggested to me that I contact the 'seller' (i.e. the hackers!) - that was the last thing I wanted to do of course. I was extremely lucky in a way because I had a very small balance on PP at the time, so that the charge was put through to my credit card. I then contacted the bank and they were the ones who took action and eventually managed to get my money back. | | | Samuel Murray Netherlands Local time: 21:45 Member (2006) English to Afrikaans + ...
María C Turri wrote: I have an awful lot of new passwords to remember. Use randomized 16-character passwords (a different one for every new site or service), and use a password manager to remember them. You need a strong master password for the password manager, too, but that's the only password that you would need to remember. And if you use a password manager that is also web-based, it means you can access your passwords from anywhere. And if you use one that has an app for your phone, you can unlock the passwords using your fingerprint, so it's a lot less hassle because you don't need to type in your master password all the time. Most password managers have a feature whereby they generate a new password for you on demand, or whenever you visit a new site or service. I use Bitwarden, because it's free and it works on Android as well as my own computer, but really there are many fine products and they often don't cost much, e.g. Dashlane, 1Password and LastPass. If you have your passwords saved in the password manager, hackers can't get to it even if they compromise your entire computer. The only way they can get your passwords is if you reveal your master password. (You also have to set your browser not to remember passwords, so that the password manager is the one that remembers them.) | | | María C Turri Argentina Local time: 16:45 Member (2019) English to Spanish TOPIC STARTER
Samuel Murray wrote: (You also have to set your browser not to remember passwords, so that the password manager is the one that remembers them.) Thank you, Samuel! I absolutely love that feature. It definitely helps me be extra-careful without making me waste so much time. It was great to ask all of you here, you've been amazingly helpful. Thank you very much! | | | Pages in topic: [1 2] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Cyberattacked: what should I do to be safe again? Protemos translation business management system | Create your account in minutes, and start working! 3-month trial for agencies, and free for freelancers!
The system lets you keep client/vendor database, with contacts and rates, manage projects and assign jobs to vendors, issue invoices, track payments, store and manage project files, generate business reports on turnover profit per client/manager etc.
More info » |
| CafeTran Espresso | You've never met a CAT tool this clever!
Translate faster & easier, using a sophisticated CAT tool built by a translator / developer.
Accept jobs from clients who use Trados, MemoQ, Wordfast & major CAT tools.
Download and start using CafeTran Espresso -- for free
Buy now! » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |