Cybercriminals tricked Fred into giving away sensitive information. Now he wants to know how “to mitigate this situation?”
Don’t feel bad. We all make stupid mistakes. But with these sorts of mistakes, you have to act fast to avoid disaster.
What you need to do depends on how you were tricked. Did you give them your email password? Your bank and/or credit card numbers? Your passwords for Facebook, Twitter, or other social media sites? Did they remotely access your PC, or trick you into installing software?
[Have a tech question? Ask PCWorld Contributing Editor Lincoln Spector. Send your query to firstname.lastname@example.org.]
If you have reason to believe that criminals can access your financial accounts, call your banks and credit card companies immediately. Explain the situation and follow their instructions.
Next, change any passwords that might have fallen into criminal hands. This includes email, social network, and other passwords.
If you’ve been using the same password for multiple accounts, change all of those passwords as well. And stop using the same password for multiple accounts already.
If you can’t change a password—or even log on to a site—the crook got there first. Check the site for instructions on recovering a hijacked account. Search for
hijacked account and the name of the service (Facebook, Google, or whatever) and follow the directions given on the service's website.
By the way, if you set up your account with two-step verification (most major services offer this), chances are slim that criminals will be able to access and hijack your account.
Next, call the police and ask to make a report. No, the cops will not find the crooks and return what was stolen. But banks, credit card companies, and other institutions may want to see a police report. It makes your claim to victimhood official.
Don’t call 9-1-1. Unless the criminal is physically inside your home, it's not an emergency.
Were you tricked into allowing someone to remotely control your PC? Or into downloading software? If so, there's no telling what information they got, or are still getting.
In that case, change your Windows logon password immediately. And scan your PC for malware using multiple anti-malware tools.