What to Do if Your Account is Compromised

Overview

A compromised account is one accessed by a person not authorized to use the account. Criminals and hackers target users to gain:

  • Access to the NCU network, processing power, and/or storage they can use to commit crimes.
  • Access to NCU academic resources, like the library and journal subscriptions.
  • Information about you to steal your identity, commit fraud, and use your reputation to target your contacts for phishing and fraud.

When accounts are compromised, valuable computing resources and sensitive institutional and personal data is put at risk. Even accounts with limited or no access to institutional data and nothing private or of value in email or personal files are valuable to hackers.

What to Do if Your Account is Compromised

  • Immediately REPORT it to the IT Service Desk - Report an IT Security Incident.
  • If you can, change your password:
    • DO NOT change your password back to what it was when it was compromised.
    • DO NOT change it to a password you use for other sites.
    • DO NOT reuse your NCU password for other sites and services.

How Accounts are Compromised

  • Phishing. Emails that ask you to verify, validate, or upgrade your account by logging in to a webpage or providing your password are most likely phishing scams. University staff will NEVER send email asking you to confirm your identity or provide confidential, personal information.
  • Password Stolen on Another Site. Reusing your NCU password on other sites, especially those where your university email is your username, puts NCU resources at risk. If your account on those sites is compromised, your NCU account can be easily accessed.
  • Password Sharing. If you shared your password with a friend, significant other, or family member, they might not have been as careful with it as you are.
  • Malware. Use of an untrusted computer or a computer infected with a computer virus, running a keyboard logger, or subject to other malicious system compromises. 
  • Unsecured network. If you log in to a NCU website like Skyline while on an unprotected Wi-Fi network, your account information could be stolen. 
  • Weak password. A short, simple password can be vulnerable to guessing or brute-force techniques. 

Monitor your accounts for suspicious activity. 

If you notice anything that looks suspicious, take screenshots and include in your incident report.

Gmail

  • Check the Trash, Sent, and other mail folders for messages you didn’t send or delete.
  • In your Mail Settings, review Forwarding and Filters and delete those you do not recognize.
  • In your Mail Settings, under Account, check the settings for Send mail as and Grant access to your account to be sure these have not been changed.

Outlook/Office 365

  • Check the Trash, Sent, and other mail folders for messages you didn’t send or delete.
  • Check your Rules and delete those that you do not recognize.

Details

Article ID: 70475
Created
Sat 1/19/19 3:35 PM
Modified
Mon 4/24/23 4:03 PM
Audience
Employees
Students

Related Articles (5)

Gift Card Spear Phishing Scams
Spear phishing is a form of phishing that targets people. Request gift cards is a common tactic among spear phishers.
Help! I Have Been Phished!
Learn what actions you should take to protect your accounts and report the incident.
Phishing and Other Email Scams
Phishing attacks and other email scams take advantage of personal and professional relationships, organizational hierarchies, and human curiosities — information that is now readily available through social media and professional networking websites.
Securing Mobile Devices
Quick tips to secure your mobile device
What is an IT Security Incident?
What is an IT security incident? What type of impact can a security incident have on the university? How do I report an incident?

Related Services / Offerings (3)

Compromised Accounts Support
If you suspect that your account has been compromised, report it immediately to IT.  IT will work with you to reset your password, restore access to your account, and investigate the impact of the incident.
Report Information Security Incidents
If you suspect a potential security issue involving any private information—whether the information is on a computer, on paper, on the web, etc.—immediately report the details to IT.
Security Incident Response and Consulting
IT prioritizes keeping your information secure. IT works hard to maintain confidentiality, integrity, and to prevent information from being compromised. You can benefit from consulting with our office by obtaining the necessary tools and information to keep you, your information, and your computer safe.