Summary
Signs that your account is compromised and related information are included in this article. In today’s information security threat landscape, the creativity, ingenuity, and perseverance of the cybercrimimals who want to steal your credentials seem to have no limits. If it isn’t credential-seeking malware dropped on your device during a download, it is a phishing email attempting to get you to log in to a fake USNH log in page. Unfortunately, with threats coming from so many directions, even the most careful users can end up with compromised credentials.
Content
While it is critical for all USNH users to be diligent in safeguarding accounts (find tips on Good Security Practices here), it is also important to be able to tell if you have a compromised account because, when it comes to cybercrime, time is always of the essence.
Here are some of the warning signs that someone other than you has been accessing one of your accounts:
a. Inbox Rules You Didn’t Create
If a co-worker or family member asks about an email they sent that you don’t remember getting, check to see if there are any inbox rules set-up to automatically forward/move/delete emails. A common tactic used by cybercriminals is to immediately set-up rules to divert or re-route emails when they arrive in your inbox. This allows them to use your account without you noticing.
b. Emails in Sent Folder You Didn’t Send
If a cybercriminal uses your account to send spam or phishing emails, you may see evidence of those emails in your Sent Mail folder.
c. No Emails in Your Sent Folder
In some cases, cybercriminals will delete all the email in the Sent Mail folder in an attempt to hide/cover their tracks.
d. Inability to Log In to Your Accounts
In some cases, the first action an attacker takes once they get access to your account is to change the password. In other cases, UNH IT may have secured you due to a suspected or confirmed compromise.
e. Last Logged in Date/Time Stamp that Doesn’t Make Sense
If you are using a system that provides you with the last date and time you logged in to that application and that date and time stamp doesn’t align with the last time you believe you accessed the account, it can indicate someone else has been accessing your account.
f. Confirmation Emails Received for Actions You Didn’t Take
If you are using a system that provides you with the last date and time you logged in to that application and that date and time stamp doesn’t align with the last time you believe you accessed the account, it can indicate someone else has been accessing your account.
g. Reports from Others of Email Received from You that You Didn’t Send
If co-workers, family members, or others tell you they received email you didn’t send or respond to email you didn’t sent, your account is compromised.
If you suspect you have a compromised account, take the following actions immediately.
If the account is your USNH Account (IT ID), call the appropriate for your campus Help Desk immediately and notify them of the compromise. They will walk you through the process to secure and recover your account. Once your account has been recovered, follow the guidance provided in Things to Consider if Your USNH Account has been Compromised.
If the compromised account is a personal account that uses your USNH username (IT ID) as the username, follow the directions above for a compromised USNH account.
If the compromised account is a personal account that does not use your USNH username, review the advice provided in Things to Consider if Your USNH Account has been Compromised and apply those recommendations to your personal accounts.
Further Readings
Good Security Practices
Things to Consider if Your USNH Account has been Compromised
Need additional help?
Visit the Technology Help Desk Support page to locate your local campus contact information or to submit an online technology support request. For password issues you must call or visit the Help Desk in person.