a Lökwest client is hacked

My Client Was Hacked—Could You Be Next?

/ Security

2024 Update: Protect Your Accounts from Evolving Hacking Tactics

Let’s rewind to a Monday morning in 2021. I was reading the morning tech news when I got the kind of message that sends a chill down any digital consultant’s spine: “I think I’m being hacked.” At first, I thought it might be another false alarm—something easily solvable with a malware scan or a password change. But this time, the hack was real, and the damage was already done.

Fast forward to today, and while AI wasn’t part of the equation back then, it’s a whole different world in 2024. Hackers have leveled up their game, and they now have AI-driven tools that make these types of breaches more dangerous than ever.

This updated version of that 2021 case study highlights how these tactics, techniques, and procedures (TTPs) have evolved and what you can do to defend yourself.

(If you’re curious about the full case study from 2021, you can find it in our free resources section or click below.)

READ CASE STUDY

The Hack Unfolds: What Happened in 2021

The incident began innocuously enough—an email account breach. The hacker used a compromised email password to access multiple accounts belonging to my client, a senior citizen who had always been cautious with technology. But even with some of the best practices in place, she fell victim to a lateral movement attack, one of the most common TTPs hackers employ to breach multiple systems after gaining access to just one account. Here’s how it went down:

  • Initial Breach: The attacker accessed my client’s email, likely through a password leaked in a data breach. Once they had control of the email, it was easy for them to reset passwords for other accounts using email verification codes
  • Lateral Movement: From there, they moved to her Microsoft account, Amazon account, ISP, and more, all due to a combination of password reuse and a lack of two-factor authentication (2FA).
  • Persistence & Email Filter Trick: The hacker added an email filter in her Cox email account. This filter diverted all emails containing the word “Amazon” to a different address, ensuring my client didn’t receive any security alerts from Amazon. This clever tactic, which could have been employed on any email provider, meant she wasn’t aware of ongoing fraudulent activity.

Within a few hours, the hacker had control of her email, Microsoft OneDrive, Amazon account, and even her smart home devices like Blink cameras and Ring doorbells. By the time I arrived, the damage was significant. The attack was methodical—an example of credential stuffing followed by a classic account takeover using automated scripts to lock her out of her own systems. While we were able to resolve the initial breach within several hours, phishing attempts have continued, proving how once compromised, individuals can be targeted long-term.

Lökwest for your security needs

What’s Different in 2024: AI on the Offensive

The tools used in the 2021 attack were largely manual and depended on vulnerabilities like weak passwords or password reuse. But in 2024, hackers have a whole new arsenal of AI-driven techniques. AI has turned simple phishing and brute-force attacks into fast, automated processes that can be scaled infinitely. Here’s what you need to know:

  • AI-Powered Phishing: What once took hackers time and effort—crafting a convincing phishing email—is now done in seconds using AI. These tools can generate personalized emails that look like they’re coming from someone you trust, and the level of sophistication makes them harder to spot.
  • Credential Stuffing at Scale: Credential stuffing—where hackers use stolen username-password pairs to access multiple accounts—has been around for years. But now, AI tools can automate this process, testing thousands of combinations in minutes and significantly increasing the chances of a successful breach. Still want to re-use that password?
  • Social Engineering Deepfakes: In the age of AI, hackers can now use deepfakes to impersonate real people through video or voice. Imagine receiving a voicemail that sounds exactly like a trusted colleague, asking for sensitive information. This is the frightening reality of AI-enabled social engineering.
Lökwest to the rescue

Securing the Accounts: The 2021 Playbook

Back in 2021, we relied on traditional recovery methods to regain control of the compromised accounts. It wasn’t easy, and there were multiple obstacles along the way.

  • Microsoft Account Recovery: We regained control of the client’s Microsoft account by creating a new account, but it came at a cost—she lost access to some cloud data and had to re-purchase her Office 365 subscription.
  • Amazon Struggles: Amazon proved to be one of the toughest platforms to reclaim. The hacker activated two-factor authentication (2FA), which ironically worked against us. Despite multiple calls to Amazon support and verification attempts, we couldn’t fully regain control, and my client ended up creating a new account.
  • Smart Home Reconnection: We had to reset her Blink and Ring devices tied to the hacked Amazon account, wiping them clean and starting from scratch. It was a tedious process, but at least we were able to prevent the hacker from maintaining control of her home security.

In 2021, this was an uphill battle that took several hours of manual effort, support calls, and piecing together what had been breached. This experience highlighted the limitations of traditional recovery methods—especially when dealing with a determined hacker. Fortunately, in this case, the hacker was primarily after Amazon access to carry out a fraudulent return scheme for gift cards. It could have been far worse if their target had been different.

Defense in 2024: A New Playbook

While hackers have become more sophisticated with AI, the good news is that defense has evolved too. In 2024, we have access to more advanced tools to protect against these attacks. Here’s how the game has changed:

  • Passkeys: Passkeys are a secure alternative to traditional passwords, eliminating many of the risks associated with password reuse. They’re resistant to phishing, and platforms like Apple and Google are already making passkeys easier to use across devices.
  • Built-In Password Managers: Today’s operating systems (like macOS and iOS) come with integrated password managers that not only generate strong passwords but also store and autofill them securely. These built-in tools make it much easier to manage unique passwords for every account. No, you don’t have to remember all of your passwords anymore!
  • One-Time Passwords (OTPs): One-time passwords (OTPs) provide an additional layer of security by sending a unique code via SMS, email, or app. These are now easier to deploy and are critical in preventing account takeovers, especially when combined with 2FA.
  • Heightened Scrutiny Against AI: Defending against AI-driven threats requires constant vigilance, as these tools rapidly adapt and evolve. Platforms like Blackbird.ai are leading the way in monitoring and mitigating these threats, using AI to identify and neutralize malicious activity. Additionally, for more insights on how to stay safe in the age of AI, check out my presentation on this topic [link to Navigating the Digital Landscape: Staying Safe from Scams in the Age of AI].

Conclusion: Staying Ahead of the Hackers

If there’s one takeaway from this updated case study, it’s that the game has changed. Hackers have gone from using brute-force techniques to leveraging sophisticated AI tools, making it easier for them to launch personalized, large-scale attacks. But don’t despair—while the offensive side of hacking has advanced, so has defense. With tools like passkeys, integrated password managers, and AI-based security monitoring, you can stay ahead of these evolving threats.

At Lökwest, helping clients regain control of their digital security is one of our specialties. Whether it’s conducting in-depth security audits or providing hands-on support to secure accounts and prevent future breaches, we’re here to guide you through every step of the process. Our team combines years of experience with the latest AI-driven security tools to ensure you stay protected.

Curious about this case or how to protect yourself? Reach out for assistance. Whether you’ve faced a security breach or want to proactively secure your accounts, we’re here to help you stay ahead of hackers.

We can improve your site too!

Book your free “first steps” consultation today!
FREE CONSULTATION
Scroll to Top