I am an IT professional, and I considered myself a cautious guy while using the internet and opening files from unknown sources. A self-taught guy like me learned another lesson last month!
I got hacked, and it was all my fault.
How did this happen?
I run a WordPress management agency, where I manage clients’ WordPress site updates, security, backups, etc. Some of my clients communicate with me via Facebook. Although I prefer emails or dropping tickets in the support portal, I can’t say “no” to new businesses trying to get our services.
Last month, someone from the UK (as she pretended) sent me a message on my Facebook business page. It was like, ‘Her company is going to redesign their site, and can I take a look at the requirements and get back to her?’
I honestly didn’t think about this critically. I get these kinds of queries frequently. I downloaded the attached PowerPoint and zip file.
The zip contained an .exe file named information.doc. My mistake was not noticing the .exe extension and clicking on the file in a hurry. After clicking the file, nothing visually happened, but deep down I knew something bad had just happened.
Then I opened the PPT file, and there were some simple design illustrations as slides. I was going to reply to her for more information, but something was bugging me from inside. Why was there an exe file, and why did I click that without checking?
That night at 10 p.m., my Facebook account got hacked. It was renamed for someone else. They uploaded some images supporting IS. Facebook restricted my account.
My business Facebook account got hacked too. There were several charges on my credit cards. I had to block my cards and replace them.
Eventually I recovered my account, but my business account was restricted, and to date I haven’t been able to get it back.
It was fortunate for me because they couldn’t log into my Google account, although they tried.
This all started happening after I clicked the .exe file. They did it by hijacking my session cookies and bypassing the 2-factor authentication of the account.
Fortunately for me, Google has a better security feature to identify these hacks than Facebook. They failed to log into my Google account.
What Did I Do After Getting Hacked?
I immediately called my bank and blocked the cards. They accepted a card replacement request.
After that, I tried to recover my Facebook account, and it took me around 2 hours to get it back. Several times I had to reset the password and give old details.
I changed my profile name back to what it was before the hack. Deleted the posts made by the hackers.
Removed the phone numbers that were added to my account.
But my account was restricted for a month. I lost my business account permanently. Facebook didn’t let me upload anything for about a month or comment on posts. Still, after a month, my Facebook post’s reach is very low.
After several emails to Facebook support, they returned the charged amount to my card.
I always use original Windows and software; there were no cracked programs installed on my PC. I regularly update Windows and the antivirus definitions. Windows Defender was working well until this occurrence. Even after this incident, it couldn’t find anything.
So, I tried AVG, Avast, Norton, and Malwarebytes free editions, but with no luck.
Nothing they found in the system seemed suspicious. But the backdoor that had been created was still there.
When Google notified me I had to change my password as someone was trying to log into my account, I was worried, as I thought I had already solved the problem.
So, after trying several antivirus and malware finders, I gave up. NOTHING worked.
I formatted my C drive and reinstalled Windows again.
Now, this seems to solve my problem. No more unwanted login attempts were made.
What have I learned?
Never ever click on a .exe file, wherever it is coming from.
You can get infected even if you use updated Windows and Windows Defender.
Windows Defender can’t help you once you’re infected. No antivirus can.
Installing a fresh copy of Windows will probably solve 98% of your problems.
Making wise decisions before downloading or opening a file is much more effective than using an antivirus.
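One way to check an attachment like the zip described above before opening anything in it, as an added example that is not part of the original post: the Python code below reads a zip in place and flags entries that are Windows executables by extension or by content. The function names, extension lists and sample file names are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions Windows runs on double-click (assumed list, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk", ".msi"}
# Document-like extensions used as a decoy in front of the real one (assumed list).
DECOY_EXTS = {".doc", ".docx", ".pdf", ".ppt", ".pptx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def inspect_zip(source):
    """Return {entry name: [reasons]} for suspicious entries, reading the archive in place."""
    findings = {}
    with zipfile.ZipFile(source) as zf:
        for info in zf.infolist():
            reasons = []
            # Windows ignores trailing dots and spaces, so strip them before splitting.
            base = info.filename.rsplit("/", 1)[-1].lower().rstrip(". ")
            parts = base.split(".")
            ext = "." + parts[-1] if len(parts) > 1 else ""
            inner = "." + parts[-2] if len(parts) > 2 else ""
            if ext in EXECUTABLE_EXTS:
                reasons.append("executable extension " + ext)
                if inner in DECOY_EXTS:
                    reasons.append("decoy extension " + inner + " in front of it")
            if info.flag_bits & 0x1:
                reasons.append("encrypted entry, content not checked")
            else:
                # Windows PE files begin with the bytes "MZ" whatever the name says.
                with zf.open(info) as fh:
                    is_pe = fh.read(2) == b"MZ"
                if is_pe and ext not in EXECUTABLE_EXTS:
                    reasons.append("Windows executable content under a non-executable name")
            if reasons:
                findings[info.filename] = reasons
    return findings


def make_sample_zip():
    """Constructed sample archive (harmless bytes), built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("requirements.doc.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("notes.doc", b"MZ" + b"\x00" * 62)
        zf.writestr("slides.pptx", b"PK\x03\x04 constructed")
    return buf

if __name__ == "__main__":
    for name, why in inspect_zip(make_sample_zip()).items():
        print(name, "->", "; ".join(why))
```

For a real download, pass the path of the zip to `inspect_zip` instead of the in-memory sample; an empty result only means none of these checks fired, not that the archive is safe.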
The Best Antivirus Software and Malware Finder
Still, if I want to use an antivirus other than Windows Defender, I will tell you to go for the Bitdefender enterprise solution.
The free antivirus software is good, but not to a level like Windows Defender. Sometimes they give too many false positives that interrupt your browsing and downloading.
There are several highly regarded antivirus and malware detection programs available today, each offering unique features and levels of protection. While opinions may vary depending on specific needs and preferences, here are summaries of some top options.
01. Bitdefender: Bitdefender consistently ranks among the best antivirus solutions and is known for its robust protection against a wide range of malware threats. It offers real-time scanning, advanced behavioral analysis, ransomware protection, secure browsing, and a user-friendly interface.
02. Norton: Norton Antivirus, developed by Symantec, is another popular choice known for its comprehensive protection. It combines signature-based scanning, behavioral analysis, machine learning, and cloud-based detection to defend against various threats. Norton also includes features like a firewall, a secure VPN, a password manager, and parental controls.
03. Kaspersky: Kaspersky Anti-Virus has a strong reputation for its effective malware detection capabilities. It uses signature-based scanning, heuristic analysis, and cloud-based protection to identify and eliminate threats. Kaspersky offers additional features such as web browsing protection, a network attack blocker, and privacy tools.
04. Malwarebytes: Malwarebytes is renowned for its anti-malware capabilities, particularly in detecting and removing adware, spyware, and other potentially unwanted programs (PUPs). It utilizes behavioral analysis and heuristics to identify emerging threats. Malwarebytes also offers real-time protection, scheduled scanning, and a browser extension for safe browsing.
05. Avast: Avast Antivirus provides comprehensive protection against malware, including viruses, ransomware, and phishing attacks. It employs multiple layers of defense, including signature-based scanning, behavior monitoring, and a robust firewall. Avast also offers features like a password manager, a VPN, and webcam protection.
06. McAfee: McAfee Antivirus, a well-known name in the cybersecurity industry, offers a range of security features. It includes real-time scanning, firewall protection, secure web browsing, and a vulnerability scanner. McAfee also provides additional tools such as a password manager, encrypted storage, and identity theft protection.
Remember that the antivirus and malware detection landscape is constantly evolving. New threats and technologies emerge regularly, so it’s important to keep your antivirus software up-to-date and consider the latest recommendations from trusted sources when choosing the best option for your needs.