Published on 02 Apr 2014
There is no silver bullet in cyber security. There is always a possibility for your devices, such as computer, smartphone and tablet; or online identity, such as email, Facebook and Twitter accounts, to be compromised by someone with malicious intent.
Given this, it is important that we practice, good infocomm security hygiene. The more infocomm security measures you adopt in securing your devices and online identity, the less likely that you will be a victim of a cyber security incident.
That said, there might be times when our devices or online identity still get compromised, perhaps due to a new malicious software (malware) with no known patch or virus signature; or simply because we have forgotten to update our antivirus software’s virus definitions. In such situation, all is not lost if we know how to salvage the situation to minimise potential damages such as compromised online identity or sensitive information loss.
We will look at a number of ways to identify if your devices or online identity has been compromised, as well as some basic steps you should take in respond to such incidents.
Is Your Device Compromised?
Security software has detected a malware.
Antivirus software has been disabled or cannot to be updated.
Unknown software / apps found on device.
Device is responding slowly or unstably.
Malware cannot be removed by antivirus software.
Is Your Online Identity Compromised?
When your email, social media or any other service providers whom you have an account with inform that your account has been compromised (check the authenticity of the information first), or when information that their customers’ databases have been leaked hit the news, your credentials would most likely have been compromised.
In addition to such information, there are also some tell tale signs that you can take note of to verify if your online identity has been compromised:
You cannot log in.
Knowing that you entered the correct username and password, and yet you cannot log in to your account. An attacker could have compromised your account, either by guessing or resetting your password. In such situation, contact your service provider immediately to regain access to it.
After regaining access to your account, change your password immediately. Choose a complex password (at least eight characters long, including lower and upper cases, symbols, and numbers) that is not similar to your previous password. Also change the password of any other online accounts that you have used the same password on. As your account may have been configured to allow future access by the offender, review all account settings, especially your personal, security, and privacy settings where applicable.
Strange activities are performed using your account.
Your email contacts or social network friends informed you that they received strange emails or messages from you, which you have never sent out. There is high chance that your account has been compromised.
As above, change your passwords immediately and review all your account settings.
Report Cyber Security Incident
In event that you are unable to resolve the security incident, you could contact SingCERT for further advice and assistance.SingCERT’s contact details: