What is hacking online?

Estimated reading time
 6 min

Key points

• Hacking involves cybercriminals gaining access to your email, social and banking accounts or your devices to steal data or money.
  
  
• Being hacked can happen to the best of us, but there are some obvious signs that you’ve been hacked, such as your device running unusually slow or you’re missing files.
  
  
• Using a strong, unique password or passphrase, installing antivirus software, and backing up your files regularly are some effective measures you can take to help protect yourself from a potential hack.

Watching fictional hackers in films and TV shows might be fun, but real-life hacking is far from enjoyable.

Cyber attacks in Australia are on the rise and, according to a report by the Australian Bureau of Statistics (ABS), 22% of businesses experienced a cyber security attack during the 2021-22 financial year.¹ In addition, Scamwatch reported over $600,000 in losses from hacking attacks in 2023 alone.²

That’s why we’re going to explore what hacking involves, how to spot a hack, and how you might protect yourself and your business from sneaky cyberattacks. 
 

What is hacking?

A hack occurs when a cybercriminal gains unauthorised access to your computer system, phone, tablet, or online network.

It can be as simple as someone breaking into your email account without permission by finding out your password or as sophisticated as someone gaining remote access to your computer and locking your entire business out of essential systems.

Nicholas Walsh, ANZ Cybercrime Specialist, says, “Widespread access to the Internet has changed our society in many positive ways, but this progress has also given rise to a new generation of criminals who use sophisticated techniques and technology to attack everyday people.”

Hackers will often use malware (software that can infiltrate your systems to steal information or sabotage systems) or ransomware (software designed to block you out of your systems until payment is made to the hacker) to access your computer, device, or accounts. 

What are some standard methods of hacking?

• A virus: A computer virus is a type of malware that can enter your system through a malicious link, most often sent by email or instant messaging. Viruses can also come through SMS or applications and other downloads from the Internet. Once inside your computer systems, malicious viruses can infect your computer’s files and multiply.
  
  
• Clickjacking: This is when you unknowingly click a malicious link disguised as something else, such as a website offer for a big discount. Through clickjacking, malware can be downloaded onto your systems without your knowledge.
  
  
• False offers of protection: You might receive a phone call, SMS or a notification on your computer telling you that your computer is infected with a virus. The good news? This mystery caller can help protect you! The bad news? In this scenario, the person claiming to help is a cybercriminal trying to gain access to your system or accounts by drawing out personal details as they ‘assist’ you.  
  
  
• Public Wi-Fi hotspots: Free public Wi-Fi hotspots can be found in many public spaces, such as airports, shopping centres, and cafes. Cybercriminals can set up fake Wi-Fi hotspots to hack you. If you enter private information on websites while using their Wi-Fi, you risk exposing your data.
  
  
• Phishing: In a phishing attack, you might be asked to click a link from a ‘trusted’ source, which sends you to a website controlled by the hacker. Or you may receive a call from a hacker claiming to be from a trusted company requesting access to your computer.
  
  
• Outdated security systems: If your device’s operating and security systems aren’t updated regularly, hackers can exploit known gaps. Most system updates include security enhancements that eliminate these gaps and protect you from hackers, so it’s best to always stay up to date.
  
  
• Password leaks: It might be scary to think about, but when companies experience data leaks, their customers’ passwords and private information (that was stored securely in their systems) can be sold to hackers on the dark web. The dark web is a series of hidden web pages often used by cybercriminals that are inaccessible through regular search engines. You can visit www.haveibeenpwned.com to check if your email address has been exposed in any public leaks.

9 Signs that you might have been hacked:

1. You clicked a malicious web link: One sign you may have been hacked is that you clicked on a link from an email, SMS or through a website and then noticed the name on the URL was misspelled, or it took you somewhere you did not expect. Hackers can use these links to inadvertently allow a virus to enter and corrupt your device. Sometimes, we might only realise this has happened and forget about it when other signs appear later.
   
   
2. Your device is unusually slow: You may notice your device suddenly running much slower than usual or having a reduced battery life – these can be signs that it might be infected with a virus.
   
   
3. You connected to public Wi-Fi: If your phone suddenly says ‘SOS only’ after you use public Wi-Fi, it could be a sign you’ve been hacked. Hackers can impersonate free Wi-Fi providers (by naming their network ‘free airport Wi-Fi’, for example).
   
   
4. You can’t log in to your accounts: When your usual password doesn’t log into your email or other accounts, it can be a sign of a hack, especially if this happens across multiple accounts.
   
   
5. Pop-up ads: Suddenly seeing a lot of pop-up boxes on your computer screen or offers to help clear your computer from viruses can be a sign of a hack.
   
   
6. Changes to your computer: If your computer’s desktop screen looks different from normal or files are missing or moved, this can be a sign that you were hacked.
   
   
7. Your friends are getting strange messages: Hackers can compromise your social media profiles and message your friends and family while impersonating you.
   
   
8. Unexplained payments: Your phone bill might have suddenly shot up, or there are unexplained purchases on your bank statements – these are signs you might have been hacked.
   
   
9. A regular supplier changes bank details: This is a type of scam known as a ‘payment redirection scam’, in which a hacker emails or calls you to provide new bank account details for a regular client or supplier in an attempt to convince you to send payment to their account instead. 

How to help protect yourself from being hacked

While you can never be completely safe from hackers, there are several ways to keep security tight in your online life.

“There’s nothing wrong with a healthy dash of scepticism when it comes to any contact you receive from companies or businesses,” Nicholas says. “If you’re not expecting the contact, it’s okay to be suspicious.”

• Ensure your passwords are sophisticated (including special characters, capitals and numbers), don’t write them down anywhere, and change them regularly. Alternatively, consider using a passphrase instead.
  
  
• Enable multi-factor authentication (MFA) for extra layers of security.
  
  
• Do not allow apps on your phone to track your location when you are not using the app.
  
  
• Keep your anti-virus software updated on computers, phones and tablets.
  
  
• Never click a link to a website sent to you in an email or phone message.
  
  
• Be wary of work emails that ask you to follow links, open attachments, or click buttons to perform security checks.
  
  
• Don’t use public Wi-Fi unless you have verified with the venue that it is the correct link. Do not enter or access personal or sensitive data on public networks, even when using a trusted service.
  
  
• Keep track of your bills and bank statements; contact your bank or service provider immediately if you notice any unusual activity.
  
  
• Be careful when downloading new games or apps from free websites onto your device and delete old or unused accounts and apps.
  
  
• Disable software on your device that auto-fills forms with your details.
  
  
• Keep backups of all critical files and data. This way, if your account is compromised, the hacker might not be able to extort you.
  
  
• Use a virtual private network (or VPN). A VPN encrypts your data (making it harder to hack) and hides your IP address (making it harder to track your online activities). This form of encryption makes it safer to access the internet no matter what device you use.

What to do if you’ve been hacked

The Australian Signals Directorate (ASD) recommends that you take these immediate actions if you have been hacked:

• Disconnect from the internet.
  
  
• Scan for viruses.
  
  
• Change your passwords.
  
  
• Tell your family, friends and colleagues to be wary of any unusual requests they get from you (such as asking them to transfer you money).

Security tip: Consider implementing a credit ban so that credit reporting agencies cannot access personal information in your consumer credit file. 

Who can you contact if you’ve been hacked?

• Contact the Australian Cyber Security hotline, 24 hours a day, seven days a week on 1300 CYBER1 (or 1300 292 371).
  
  
• Help others by reporting to Scamwatch or to the Australian Signals Directorate’s Australian Cyber Security Centre’s ReportCyber.
  
  
• You can also contact IDCare, a not-for-profit organisation providing support to those experiencing identity and cyber security concerns.
  
  
• Contact your bank immediately if you have shared personal or financial information.
  
  
• If you’re an ANZ customer, you can report fraud or suspicious activity in multiple ways, such as through the ANZ app or by calling us