So I recently suffered a data breach of my computer. Mostly my own doing unfortunately. Looking for help in minimizing the damage and my exposure.
First a bit of background. I am a complete and thorough Luddite. I've been away from home working most of the year, and when I returned my family informed me that our internet has been in and out, and working much slower than normal when working at all. We get our internet service through our cable company, Optimum Cable. My wife works from home and my brother who lives with us has also been working from home since the beginning of the pandemic. And when home, my job requires me to stream content fairly often. So a stable internet connection at high speeds is an absolute must. So as soon as I retuned we put in a call for our cable company to come by the house to check out what's going on with the internet. I was informed that we had an old cable line coming into the modem an RG59 that needed to be upgraded to a beefier RG6. Unfortunately they don't snake cables so I would need to contact my electrician in order to run the new line. Which I did, and which he did. The issue wasn't fixed unfortunately. So someone from the cable company came back out to the house and found some loose connections, which apparently, according to his devise, stabilized our connection to high speed. Unfortunately the internet still wasn't working. The reason I believe is that my mesh router system (I have an Orbi mesh router and satellite that is about a year old) has stopped synching. It used to work great, extending coverage through out our entire house to an, at least, adequate degree. As a result I simply googled 'How to synch Orbi mesh router and satellite' and was directed to an "official" looking website. Whilst trying to navigate the site looking for answers, a pop-up help desk shows up asking if I need any assistance. I engage with the apparent "tech" and they ask for my phone number so that a proper technician can call me to discuss the issue and diagnose the problem. I gave them my home phone number.
About 15 minutes later I receive a phone call from a number in Savanah, GA. I take the call, and it's this "tech" calling. He runs me through some steps in order to "reset my router." It doesn't work, I can't sign in even though I answer the security questions accurately. So now he tells me that in order to fix the issue he needs remote access to my computer via some app called AnyDesk. This is where I get into trouble. My frustration with previously working systems no longer cooperating combined with my admitted computer illiteracy, I follow his directions and download what he tells me to, thereby opening up my computer for him to peek inside remotely. He immediately starts in on generating fear. He tells me that I have multiple foreign IP's attached to my computer and that this is the reason for my slow internet at home. He also says "This is the worst case," he's ever seen. That what I need to do now is have them do a complete diagnostics test and cleanup for the price of $199.00, but tries to up-sell me on the three to five year plans for more money. By now I am seeing red flags everywhere. I tell hime that before I do so I would prefer to consult with my attorney as well as an acquaintance I have at the Federal Bureau Of Investigation, which I do in fact have, but this probably isn't something I would run by him, I just wanted to gauge this persons reaction. Well, his reaction was to up the ante, telling me that if I didn't do this now that all my banking info and personal details would be everywhere, I had to pay them to have them clean this up immediately. I declined.
Immediately after we hung up I had my brother, who's much better at computers than I am, but which honestly isn't saying a ton, remove everything from the MyDesk app on my computer. I then changed my iCloud password and set up a two-factor authentication. As soon as I woke up this morning I have multiple messages on my iPhone saying that my passwords to various sites, including this site, PayPal, my fantasy football league (who cares), have all been exposed to a Data Leak.
I never gave these people my cell phone number. I have changed all the passwords identified in the Data Leak. So my question, and where I need help is in understanding how much exposure I'm looking at.
All my finances go through my Business Management firm with nothing stored on my computer, that I know of anyway. So I feel somewhat safe in that area. I am however somewhat concerned about social media hacks as I have over 135,000 followers on Instagram and Twitter each (it's for work, I'm not a big social media guy.) I am incredibly private about my private life and never post picture of my family or kids for a variety of reasons, however with the world we live in, I am concerned about bad actors (no pun intended) getting ahold of those profiles and hijacking them. Is this a real threat? My computer is NOT signed in to any of these accounts, it is only through my cell phone, but I didn't give that number away. Would these people be able to discover that regardless? Am I being paranoid? Or is this something I should be worried about? And are there any mitigating solutions I can do in the short term to close up any potential breaches?
And I still haven't found a solution to the initial problem of my routers not synching and slow internet service, but am afraid to go back to anything online offering remote solutions. Is this something I can just have the Geek Squad come out to the house and fix? Or should i just burn everything and then throw it in the river?
Thanks to anyone who has made it this far into the post. Any input is appreciated, I am not on terra firma here. Cheers. Go Blue
First a bit of background. I am a complete and thorough Luddite. I've been away from home working most of the year, and when I returned my family informed me that our internet has been in and out, and working much slower than normal when working at all. We get our internet service through our cable company, Optimum Cable. My wife works from home and my brother who lives with us has also been working from home since the beginning of the pandemic. And when home, my job requires me to stream content fairly often. So a stable internet connection at high speeds is an absolute must. So as soon as I retuned we put in a call for our cable company to come by the house to check out what's going on with the internet. I was informed that we had an old cable line coming into the modem an RG59 that needed to be upgraded to a beefier RG6. Unfortunately they don't snake cables so I would need to contact my electrician in order to run the new line. Which I did, and which he did. The issue wasn't fixed unfortunately. So someone from the cable company came back out to the house and found some loose connections, which apparently, according to his devise, stabilized our connection to high speed. Unfortunately the internet still wasn't working. The reason I believe is that my mesh router system (I have an Orbi mesh router and satellite that is about a year old) has stopped synching. It used to work great, extending coverage through out our entire house to an, at least, adequate degree. As a result I simply googled 'How to synch Orbi mesh router and satellite' and was directed to an "official" looking website. Whilst trying to navigate the site looking for answers, a pop-up help desk shows up asking if I need any assistance. I engage with the apparent "tech" and they ask for my phone number so that a proper technician can call me to discuss the issue and diagnose the problem. I gave them my home phone number.
About 15 minutes later I receive a phone call from a number in Savanah, GA. I take the call, and it's this "tech" calling. He runs me through some steps in order to "reset my router." It doesn't work, I can't sign in even though I answer the security questions accurately. So now he tells me that in order to fix the issue he needs remote access to my computer via some app called AnyDesk. This is where I get into trouble. My frustration with previously working systems no longer cooperating combined with my admitted computer illiteracy, I follow his directions and download what he tells me to, thereby opening up my computer for him to peek inside remotely. He immediately starts in on generating fear. He tells me that I have multiple foreign IP's attached to my computer and that this is the reason for my slow internet at home. He also says "This is the worst case," he's ever seen. That what I need to do now is have them do a complete diagnostics test and cleanup for the price of $199.00, but tries to up-sell me on the three to five year plans for more money. By now I am seeing red flags everywhere. I tell hime that before I do so I would prefer to consult with my attorney as well as an acquaintance I have at the Federal Bureau Of Investigation, which I do in fact have, but this probably isn't something I would run by him, I just wanted to gauge this persons reaction. Well, his reaction was to up the ante, telling me that if I didn't do this now that all my banking info and personal details would be everywhere, I had to pay them to have them clean this up immediately. I declined.
Immediately after we hung up I had my brother, who's much better at computers than I am, but which honestly isn't saying a ton, remove everything from the MyDesk app on my computer. I then changed my iCloud password and set up a two-factor authentication. As soon as I woke up this morning I have multiple messages on my iPhone saying that my passwords to various sites, including this site, PayPal, my fantasy football league (who cares), have all been exposed to a Data Leak.
I never gave these people my cell phone number. I have changed all the passwords identified in the Data Leak. So my question, and where I need help is in understanding how much exposure I'm looking at.
All my finances go through my Business Management firm with nothing stored on my computer, that I know of anyway. So I feel somewhat safe in that area. I am however somewhat concerned about social media hacks as I have over 135,000 followers on Instagram and Twitter each (it's for work, I'm not a big social media guy.) I am incredibly private about my private life and never post picture of my family or kids for a variety of reasons, however with the world we live in, I am concerned about bad actors (no pun intended) getting ahold of those profiles and hijacking them. Is this a real threat? My computer is NOT signed in to any of these accounts, it is only through my cell phone, but I didn't give that number away. Would these people be able to discover that regardless? Am I being paranoid? Or is this something I should be worried about? And are there any mitigating solutions I can do in the short term to close up any potential breaches?
And I still haven't found a solution to the initial problem of my routers not synching and slow internet service, but am afraid to go back to anything online offering remote solutions. Is this something I can just have the Geek Squad come out to the house and fix? Or should i just burn everything and then throw it in the river?
Thanks to anyone who has made it this far into the post. Any input is appreciated, I am not on terra firma here. Cheers. Go Blue
