Handling Your Compromised Account
This article provides guidance to faculty, staff, and students if an unauthorized person has gained access to their NetID password. It covers how to change your NetID password and check your email for fraudulent activity.Â
Compromised Accounts Overview
When someone that is not you gains access to your credentials (i.e., username, NetID, passwords), your account is considered to be compromised. This means that unauthorized persons are able to use your credentials to pose as you, and the privacy of your data is at risk. ITS monitors email traffic, and if our systems find a suspicious pattern or behavior, we will notify you that your account has been compromised. If you receive this notification, or if you notice that you are unable to log into your UConn email and UConn services with your NetIDÂ credentials, the sections below provide some steps that you can immediately take to protect your information. Additionally, be aware of any unprompted Duo notifications you may receive on your device as that may indicate somebody is trying to access your account.
Be suspicious of any email message that urges you to take immediate action; a false sense of urgency is a red flag for a phishing scam. Always remember that a legitimate message from ITS will never ask that you enter your credentials. Rather, the links you click in a legitimate ITS message will redirect you to an official, verified website (e.g., netid.uconn.edu) or location (Technology Support Center), where you can then enter your credentials safely.
Signs Your Account Was Compromised
There are several signs that your UConn accounts were compromised. Here are a few to keep an eye out for:
You receive notification from Information Technology Services (ITS) that your account was compromised.
You can suddenly no longer sign into your accounts like NetID and your UConn email.
You get prompts from Duo to verify a sign-in that you did not initiate.
People report strange emails sent from your email account that you do not recognize.
Securing Your NetID Account
If your account is compromised, but you are still able to log into your NetID account, follow these steps to secure your NetID:
Log in to the NetID Management website.
Click Change Password.Â
Enter your current password.Â
Enter your new password. Make it completely different from your current password to prevent it from being guessed.
Confirm your new password.
Click Change Password.Â
Securing Microsoft 365 Account (Student Workers, Faculty/Staff, Students)
Log into your Microsoft 365 account from the UConn email website.Â
Navigate to the Gear Icon.Â
Select View all Outlook settings.
Click Mail on the left tab if it has not been selected already.
Under Compose and Reply, check the Email signature.Â
Check the Rules tab to ensure that the only rules listed are those that you personally have set up.
Review all unfamiliar rules, if any are listed.Â
Delete any unfamiliar rules you do not wish to keep.
Check the Sweep tab to ensure that the only rules listed are those that you have personally set up.
Review all unfamiliar sweep rules, if any are listed.Â
Delete any unfamiliar sweep rules you do not wish to keep.
Review all settings listed on the Junk email tab. You should ensure that UConn emails are not blocked and that no spam/unknown emails have been classified as "safe senders."
Check whether the Forwarding tab is disabled. This tab should only be enabled if you personally enabled it.Â
Account Security Tips
Remember that ITS will never ask you for your password.
You should never share your passwords.
You should change any other passwords that are the same as your NetID password.