Handling Your Compromised Account

This article provides guidance to faculty, staff, and students if an unauthorized person has gained access to their NetID password. It covers how to change your NetID password and check your email for fraudulent activity.

Compromised Accounts Overview

When someone that is not you gains access to your credentials (i.e., username, NetID, passwords), your account is considered to be compromised. This means that unauthorized persons are able to use your credentials to pose as you, and the privacy of your data is at risk. ITS monitors email traffic, and if our systems find a suspicious pattern or behavior, we will notify you that your account has been compromised. If you receive this notification, or if you notice that you are unable to log into your UConn email and UConn services with your NetID credentials, the sections below provide some steps that you can immediately take to protect your information. Additionally, be aware of any unprompted Duo notifications you may receive on your device as that may indicate somebody is trying to access your account.

Be suspicious of any email message that urges you to take immediate action; a false sense of urgency is a red flag for a phishing scam. Always remember that a legitimate message from ITS will never ask that you enter your credentials. Rather, the links you click in a legitimate ITS message will redirect you to an official, verified website (e.g., netid.uconn.edu) or location (Technology Support Center), where you can then enter your credentials safely.

Signs Your Account Was Compromised

There are several signs that your UConn accounts were compromised. Here are a few to keep an eye out for:

You receive notification from Information Technology Services (ITS) that your account was compromised.
You can suddenly no longer sign into your accounts like NetID and your UConn email.
You get prompts from Duo to verify a sign-in that you did not initiate.
People report strange emails sent from your email account that you do not recognize.

Securing Your NetID Account

If your account is compromised, but you are still able to log into your NetID account, follow these steps to secure your NetID:

Log in to the NetID Management website.
Click Change Password.
Enter your current password.
Enter your new password. Make it completely different from your current password to prevent it from being guessed.
Confirm your new password.
Click Change Password.

The new password must follow the Password Complexity Rules, as listed below:

Passwords must be at least twelve (12) characters long.
The password must contain characters from three of the following four categories:
- Upper Case: A B C ...
- Lower Case: a b c ...
- Numbers: 1 2 3 …
- Symbols: + - _ = . @ ? ! …
The password cannot contain any three consecutive characters that are part of your name or NetID.

Securing Your Google Workspace Account (Students)

You should change your password if it was compromised or if you believe it may have been compromised. To secure your Google Workspace account, follow these steps:

Reset your Google password from the Google password reset page.
Navigate to Gmail Settings.
Check the Signature listed on the General tab.
Review the Send Mail As settings listed on the Accounts tab.
Review the filters and blocked addresses listed on the Filters and Blocked Address tab.
Review the settings listed on the Forwarding and POP/IMAP tab, paying extra attention to any listed forwarding address.
Press Save at the bottom to update all changes.
Check recovery options. To do so,
1. Select the Apps icon at the upper right.
2. Select the Account App.
3. Navigate to Security.
4. Check the recovery Email and recovery Phone.
Update any items that may require updating.

Securing Microsoft 365 Account (Student Workers, Faculty/Staff, Students)

Log into your Microsoft 365 account from the UConn email website.
Navigate to the Gear Icon.
Select View all Outlook settings.
Click Mail on the left tab if it has not been selected already.
Under Compose and Reply, check the Email signature.
Check the Rules tab to ensure that the only rules listed are those that you personally have set up.
1. Review all unfamiliar rules, if any are listed.
2. Delete any unfamiliar rules you do not wish to keep.
Check the Sweep tab to ensure that the only rules listed are those that you have personally set up.
1. Review all unfamiliar sweep rules, if any are listed.
2. Delete any unfamiliar sweep rules you do not wish to keep.
Review all settings listed on the Junk email tab. You should ensure that UConn emails are not blocked and that no spam/unknown emails have been classified as "safe senders."
Check whether the Forwarding tab is disabled. This tab should only be enabled if you personally enabled it.

Account Security Tips

Remember that ITS will never ask you for your password.
You should never share your passwords.
You should change any other passwords that are the same as your NetID password.

Page:

Stay Out of the Phish Bowl
Page:

Detect and Protect Yourself from Phishing
Page:

Deactivation of NetIDs for Faculty and Staff that Leave UConn
Page:

Protecting Your Computer From Security Risks
Page:

Fix Webex Deactivation Message
Page:

Using Your Webex Account
Page:

Department Webex Accounts
Page:

IT Security
Page:

Account Sponsorship: Frequently Asked Questions
Page:

Security Best Practices for Telecommuting