Help! I Have Been Phished!

If you find yourself among the millions of people who have responded to phishing and have exposed their personal information, you should report it and perform the following based on the information you revealed.

  • If the phishing message was directed to your NCU email account, report the incident to OTI Cybersecurity @ incident@northcentral.edu or 612.343.4170.
  • If you believe you have been a victim of fraud or identity theft, immediately notify your local police jurisdiction and cease all contact with the suspect organization.

Choose the actions based on the information you revealed

If you exposed your NCU Passwords

If you expose your Bank or Credit Card Account Number, Password or PIN

  • Call the bank’s hotline, usually printed on the back of your bank card, and report the incident.
  • If you have transferred money to a scammer, report the incident to your local police.
  • Inspect your statements carefully for signs of account misuse.
  • Determine if you want to put a lock on your credit records. This will keep anyone from opening a new account.
  • Go to your bank’s online website and look for information about fraud, phishing or identity theft. Find out what your bank expects you to do.

If any piece of personal information was exposed

If any information that could be used to open financial accounts (e.g., your Social Security Number, date of birth, place of birth, mother's maiden name, bank account numbers, and/or credit card numbers)

  • Put a freeze on all three of your credit reports to block the creation of any new credit card accounts. When you lock your credit record, no other organization can check your credit without your permission and this will keep anyone from opening a new account.
  • Freezing your credit at the three major bureaus above should be top priority. To go the extra mile, you can also freeze your credit report at two lesser-known credit bureaus that may have information about you:
    • Innovis: Call 866-712-4546 or go online.
    • National Consumer Telecom & Utilities Exchange: Call 866-349-5355 or go online.
  • Sign up for their credit monitoring service, a fee-based service that will automatically notify you whenever your credit record is accessed.
  • Review the recommendations from the Social Security Administration about identity theft and your Social Security Number.

Notify the Federal Trade Commission (FTC) that you have been phished

The FTC is the nation's consumer protection agency. The FTC's Bureau of Consumer Protection works for the consumer to prevent fraud, deception and unfair business practices in the marketplace.

Follow the advice listed here:

These websites of national agencies that deal with Internet fraud provide helpful information about dealing with identity theft issues

Details

Article ID: 145434
Created
Mon 4/24/23 4:01 PM
Modified
Mon 4/24/23 4:19 PM
Audience
Employees
Students

Related Articles (4)

Changing Your University Password
Learn how to update your NCU password that manages your university applications, email, and Moodle accounts.
Phishing and Other Email Scams
Phishing attacks and other email scams take advantage of personal and professional relationships, organizational hierarchies, and human curiosities — information that is now readily available through social media and professional networking websites.
Reporting a Phishing Scam or Suspicious Email for Review
Although your first instinct may be to ignore or delete suspicious emails, we recommend that you report them to our security team. IT will examine the email and advise you of any further steps you may need to take.
What to Do if Your Account is Compromised
A compromised account is one accessed by a person not authorized to use the account.

Related Services / Offerings (2)

Compromised Accounts Support
If you suspect that your account has been compromised, report it immediately to IT.  IT will work with you to reset your password, restore access to your account, and investigate the impact of the incident.
Report Information Security Incidents
If you suspect a potential security issue involving any private information—whether the information is on a computer, on paper, on the web, etc.—immediately report the details to IT.