Compromised Account

Compromised Account

A compromised SRU account is one accessed by a person not authorized to use the account. Criminals and hackers target SRU users to gain:

  • Access to the SRU network, processing power, and/or storage they can use to commit crimes.
  • Access to SRU academic resources like the library and journal subscriptions.
  • Information about you to steal your identity, commit fraud, and use your reputation to target your contacts for phishing and fraud.

When accounts are compromised, valuable computing resources and sensitive institutional and personal data are put at risk. Even accounts with limited or no access to institutional data and nothing private or of value in email or personal files are valuable to hackers.

How Accounts are Compromised

  • Phishing. Emails that ask you to verify, validate, or upgrade your account by logging in to a webpage or providing your password are most likely phishing scams. SRU will NEVER send email asking you to confirm your identity or provide confidential, personal information. Learn more
  • Malware. Use of an untrusted computer or a computer infected with a computer virus, running a keyboard logger, or subject to other malicious system compromises. Viruses are malicious programs. The term computer virus typically refers to programs that replicate and spread, although some use it to refer to any malware--adware, spyware, ransomware, and so on--that can damage your computer or compromise your account. To protect your devices from viruses: Install and run antivirus and anti-malware software. Learn more
  • Unsecured network. If you log in to an SRU website while on an unprotected Wi-Fi network, your account information could be stolen. Use secure networks, such as your cellular carrier network, SRU Wireless, or wired connections. Learn more
  • Password Sharing. If you shared your password with a friend, significant other, or family member, they might not have been as careful with it as you are. Learn more
  • Password Stolen on Another Site. Reusing your SRU password on other sites, especially those where your SRU email is your username, puts SRU resources at risk. If your account on those sites is compromised, your SRU account can be easily accessed.
  • Weak password. A short, simple password can be vulnerable to guessing or brute-force techniques. Passwords should use the following rules:

Must include three of these four characters: numbers, symbols, uppercase letters, and lowercase letters.

Must be at least eight characters in length.

Should not be something easily guessed by others.

Minimum password age is set to 90 days.

History is set to three, meaning you cannot re-use your two prior passwords.

How to Know if Your Account is Compromised

  • You cannot login to your account because a hacker changed the password or it is clearly disabled or locked.
  • You cannot send email to external addresses because Microsoft blocked it.
  • You notice missing emails or returned undelivered emails.
  • You find an unknown forwarding email or deleting email rule in place.
  • You see multiple unknown sent items appear in the "Sent Items" folder.

What to Do if Your Account is Compromised

Change your SRU password

  • If you suspect your SRU account has been compromised or stolen:
  • Change your SRU password. See Support Services for links to reset your SRU password. Do NOT set it back to something you have used previously.
  • If you suspect a personal account has been compromised, change the password for that account. Choose a strong password and make it unique to that account. Do not use the same password for multiple accounts; that puts all your accounts at risk if one is compromised.
  • In Office 365 email, check your Inbox and sweep rules to ensure new messages are not being sent to the Deleted folder. See instructions
  • In Office 365 email, check Accounts Forwarding to ensure new messages are not being forwarded to an account to which you are not associated. See instructions

Report It

  • Report through Office 365 by right clicking on the message and clicking on Mark as junk.
  • Report suspected phishing emails to helpdesk@sru.edu
  • Report a suspected compromised SRU account immediately to helpdesk@sru.edu.