Skip to main content

10 telltale signs you’ve been hacked 

June 27, 2022

Do you ever get the feeling your computer is trying to tell you something? Here are 10 telltale signs that could mean you’ve been hacked – and what you can do to fight back. 

It won’t always be obvious you’ve been hacked. In fact, IBM and Ponemon’s Cost of a Data Breach Report 2021 found that the average breach takes 287 days to identify and contain, with the cost of the breach increasing the longer it remains undetected. 

But while you shouldn’t expect any flashing lights and blaring alarm sounds, there are some clear warning signs to watch out for. And with cybercrime on the rise – it’s now estimated that hackers attack someone online every 32 seconds, targeting everyone from large companies and governments to small businesses and private individuals – it’s more important than ever to be vigilant. 

Here are 10 surefire signs you’ve been breached. 

You start seeing applications you didn’t install 

Have you ever noticed programs or applications on your computer that you don’t remember installing? Sure, it’s possible that your memory is failing – but it’s also possible that these suspicious apps are malware, and that an intruder may be using them as a backdoor into your system. 

Most malware programs are Trojans and worms, and they have a nasty habit of installing themselves along with legitimate programs. Read your software license agreements carefully – some will plainly state that they’ll be installing more than one program. In that case, opt out of the other programs, if you can, and go through your installed programs and disable anything you don’t recognise. 

Your cursor moves by itself 

If your cursor appears to have a mind of its own, it probably doesn’t mean your mouse is in need of an exorcist – it means you’ve been hacked, and your device is being controlled remotely. 

Hardware problems do happen, and if your cursor starts to move randomly and uncontrollably but doesn’t seem to be getting anywhere, then the issue could be benign. But if you observe your cursor moving by itself and successfully clicking on programs or links, it’s virtually certain you’re the victim of a remote access scam, and have at some point been persuaded to download software that a cybercriminal has used to take control of your device. 

If this has happened to you, disconnect from the internet and power off your device immediately. Use another device that you trust to change all of your usernames and passwords, and check your bank account history and any other accounts the attacker may have used to make a transaction. 

If you have lost money, report it to your financial institution and to the police, and make sure the compromised device is completely restored by a professional before you use it again. 

Your antivirus software is disabled

Has it been a while since your antivirus software scanned your computer or sent you an automatic update?

If so, it could mean your antivirus software has been disabled. And if you didn’t disable it yourself, then it means you’ve probably been compromised – especially if you try to launch Task Manager or Registry Editor to investigate, and you find that these tools either won’t start, or they disappear shortly after starting. 

Try running Microsoft Autoruns (or KnockKnock, on a Mac) to see if you can identity and uninstall the malicious program, but if you can’t find it, or if the malware won’t let you easily uninstall it, you’ll most likely need to restore your system. 

Your contacts start receiving strange messages from you 

You won’t find out about this until someone decides to let you know, but if one of your friends, family members or other contacts tells you that they received a strange spam email from you, or a weird DM from one of your social media accounts, it probably means you’ve been hacked. (Either that, or you need to improve the quality of the messages you’re sending your friends.) 

Check your email outbox to see if your account has been sending phishing emails on your behalf, and if so, immediately change your password and set up multi-factor authentication. On social media, check if the unusual activity is actually coming from your account, or if a hacker has created a look-alike page as part of a phishing scam. If you’ve truly been hacked, change your password and set up multi-factor authentication; and if it’s a lookalike page, alert the social media site and ask them to take it down. 

Your passwords aren’t working 

We all forget passwords from time to time, but if you find yourself regularly being denied access to an account and you’re sure your password is correct, then you’ve probably been hacked. 

If you’re sure that your password is no longer working, and it’s not just a case of you jumbling up a couple of digits or the site you’re trying to log into experiencing technical difficulties, then what’s most likely happened is that at some point you’ve responded to a seemingly authentic phishing email that asked you to enter your username and password. 

A cybercriminal has then used that password to gain access to your account, and shut the door behind them by changing the password and the recovery details once they’ve logged in. In this case, you’ll need to contact the affected service and report the compromised account, and change your password on any other service that uses the same details. 

Pop-up windows keep, well, popping up 

Random unwanted pop-ups are usually the result of malware. Sometimes these pop-ups are advertising legitimate products, and while that’s still extremely annoying, the goal of these pop-ups is usually to earn an affiliate fee every time someone clicks on them, rather than to do further damage to your device.  

Sometimes, however, these pop-ups contain links to malicious sites that will then attempt to add even more malware to your device – a real self-perpetuating cycle. 

These pop-ups are often somewhat meta, and will claim that your device has been compromised, and that you need to click a link or call a number on your screen to get help. This will often end up in the user falling prey to the remote access scam mentioned above. 

It should go without saying that if you see one of these pop-up messages, do not click on it, and do not follow any of its instructions. Even if you think there’s a remote chance that message from, say, Apple might be legitimate, and you absolutely must check it out, contact the company directly on a number that you find independently, rather than using the number in the pop-up. 

Your browser has unwanted toolbars 

Another common sign you’ve been hacked is that new toolbars and plug-ins start showing up. Unless you’re certain you know where they came from and you trust them, you should ditch these suspicious toolbars and plug-ins immediately. 

Most browsers will let you review your toolbars and remove any you don’t want. If the suspicious toolbar doesn’t appear in this list, or it resists your attempts to delete it, you may have to reset your browser back to its default settings. 

Your internet searches are redirected 

Another common weapon in the cybercriminal’s arsenal is to redirect your browser from a legitimate site to a fraudulent one. 

If you’re trying to reach Google and you keep getting taken to another, less ubiquitous search site, or if you’re trying to access your online banking and the URL in the address bar doesn’t look quite right, you may be a victim of a virus that’s actively redirecting your browser. 

If this is the case, get under the hood of your browser settings and disable or delete any extensions that you don’t recall installing, or that you don’t use on a regular basis. 

You observe strange network traffic patterns 

If there’s a malicious program on your device that’s transferring your data to a cybercriminal, it will usually leave a calling card of sorts in the form of unusual network activity. 

If you run a business and you see large file transfers to countries you don’t do any business with, for instance, that’s a suspicious sign. 

Of course, in order to know whether or not your network traffic patterns are unusual, you’d have to know what they were supposed to look like in the first place. There are plenty of tools available to help you understand and monitor your network traffic, and while the free and open-source options usually require some expertise and know-how on your part to use effectively, there are also commercial solutions available that will spell out what you need to know. 

Think of it like getting to know your neighbours – if you don’t know who’s meant to be on your street, how will you be able to spot an intruder? 

Your computer starts running sloooooooower 

If your computer is moving sluggishly, or you’ve noticed that crashes are becoming more common, it could simply indicate that your hard drive is full, or that your computer is due for maintenance. 

But it could also indicate that there’s malware running in the background, eating up your computer’s resources without your knowledge and slowing it down. 

Use Task Manager (or Activity Monitor on a Mac – you’ll find it under Applications < Utilities) to see what processes your computer is running. If there’s an application you don’t recognise, there’s a good chance it’s your culprit. 

Protect your precious data 

Of course, there are things you can do to protect your computer from hackers. You should be using powerful antivirus software, and if you’re running a business, you should provide cybersecurity education for all of your employees, including advice on how to identify suspicious emails and requests. 

But even the best antivirus software can be bested by cybercriminals, especially if they’re using new exploits that antivirus scanners haven’t learned to detect yet, and even the most savvy user is still capable of human error, which is the Achilles heel of perimeter security mechanisms that focus on keeping intruders out. 

That’s why it’s important to be prepared for what happens when those intruders get in. Encryption is an obfuscation technique that renders stolen data worthless to anyone who gains access to it without authorisation – essentially, it scrambles data and makes it unreadable for anyone who doesn’t have the right key to unscramble it.

The IBM and Ponemon Cost of a Data Breach report found that the use of strong encryption – at least 256 AES, at rest and in transit – was a top factor in mitigating costs when breaches occur. 

Cryptoloc has taken this principle even further with our patented three-key encryption technology, which combines three different encryption algorithms into one unique multilayer process. 

As a result of our unique approach, no Cryptoloc product has ever been breached – and if you’re concerned that hackers may have compromised your systems already, then it’s especially important that you put your data under lock and key (or, in this case, three keys). 

Get a demo and get protected at