Hacked but Didn’t Click? Here’s How to Reduce Spyware Attacks & Protect Your Financial Data
Most of us know not to click on suspicious links in emails or text messages to avoid being hacked. But what if you didn’t click on a link and still got hacked? “Zero-click” hacks driven by spyware are a growing problem, but there are ways to minimize the risk and keep important financial and other data protected.
Government agencies are making frequent use of zero-click hacks to spy on activists, journalists and others, Bloomberg reported. A number of companies — including Israel’s NSO Group — now either sell the technology to governments, offer it to clients, or develop zero-hacking tools. This is in contrast to a few years ago, when zero-click hacks were used almost exclusively by a few intelligence agencies.
These types of hacks are problematic for a couple of reasons. First, they make it difficult for security experts to detect. They also make it harder for tech giants such as Apple and Google to fix security holes that hackers exploit.
“With zero clicks, it’s possible for a phone to be hacked and no traces left behind whatsoever,” Bill Marczak, a senior research fellow at Citizen Lab, told Bloomberg. “You can break into phones belonging to people who have good security awareness. The target is out of the loop.”
Keeping your devices updated with the latest spyware protection is one way to minimize the risk. You can also uninstall messaging apps that hackers use as gateways to breach devices, but this might not be practical if the apps are needed to communicate.
In many zero-click attacks, the hackers take control of your smartphone and demand cryptocurrency before you can regain control of it, ABC7 Chicago reported last year. Security experts say you should never pay the ransom because it doesn’t guarantee the problem will be resolved. What you should do is immediately report the problem to the FBI.
It helps to update your device’s software as soon as patches or new operating system versions are available. You should also use strong authentication to access accounts, including requiring more than a username and password to help prevent access through stolen or hacked credentials.
More From GOBankingRates