Help! I Have Been Phished!

Learn what to do if you clicked a phishing link, entered your credentials on a suspicious page, or sent money or personal information in response to a scam — including immediate steps to secure your account, protect your finances, and report the incident.

Immediate steps — do these first

Speed matters. The faster you act, the more you can limit the damage. Do these regardless of what type of information was exposed:

  1. Call IT immediately: 612.343.4170. They can help lock down your account, assess what was accessed, and guide next steps.
  2. Change your NCU password now — even before you finish reading this article if your credentials were entered anywhere suspicious.
  3. Email incident@northcentral.edu with as much detail as you can — what you clicked, what you entered, what you sent.
  4. If you believe you are a victim of fraud or identity theft, contact your local police and stop all contact with the suspected scammer.
If you entered your NCU password

Your account may already be compromised — act now

  • Change your NCU password immediately.
  • If you use the same password anywhere else, change it on those accounts too. Use a unique password for each account going forward.
  • Review your NCU email for any messages you didn't send — a compromised account is often used immediately to attack your contacts.
  • Check for any forwarding rules or filters that may have been added to your email by the attacker.
  • Call IT at 612.343.4170 so they can review account activity and help you verify nothing else was changed.
If you shared financial information or sent money

Contact your bank before anything else — time is critical

  • Call the number on the back of your bank card and report the fraudulent transfer or account exposure. The faster you call, the better the chance of recovery.
  • If you sent money via Zelle, Venmo, or CashApp, contact those platforms directly to report fraud — transfers may be reversible if reported quickly enough.
  • If you purchased gift cards, call the gift card issuer immediately (number on the back of the card or the packaging) — unredeemed balances can sometimes be frozen.
  • File a police report if any money was transferred. Your bank and the FTC may require it for the fraud claim.
  • Report the fraud to the FTC at reportfraud.ftc.gov.
If you shared your SSN or identity documents

If your Social Security Number, date of birth, driver's license, or passport information was exposed, take these steps immediately to prevent identity theft.

Step 1 — Freeze your credit at all three major bureaus

A credit freeze prevents anyone from opening new credit accounts in your name. Do all three:

Step 2 — Report to national agencies

National resources

Additional support and reporting

Print Article

Related Articles (4)

Changing Your University Password
Learn how to update your NCU password that manages your university applications, network, email, and Canvas accounts.
Recognizing and Reporting Phishing at NCU
Learn how to recognize phishing attacks targeting NCU students, faculty, and staff — including how AI has changed the threat landscape, the most common scam types at NCU, and what to do if you receive or fall for a suspicious message.
Reporting a Phishing Scam or Suspicious Email
Learn how to report a suspicious email or phishing attempt to the NCU IT security team — including using the built-in Report Phishing button in Outlook and Gmail, forwarding as an attachment when needed, and what to do on mobile.
What to Do if Your Account is Compromised
If you believe someone has unauthorized access to your NCU account, every minute counts. Learn the immediate steps to stop the damage, secure your account, and report the incident to IT.

Related Services / Offerings (2)

Compromised Accounts Support
If you suspect that your account has been compromised, report it immediately to IT.  IT will work with you to reset your password, restore access to your account, and investigate the impact of the incident.
Report Information Security Incidents
If you suspect a potential security issue involving any private information—whether the information is on a computer, on paper, on the web, etc.—immediately report the details to IT.