Compromised Account

Print

Steps to take if your W&L account is compromised.

---

Security breaches can happen in a variety of ways - clicking on malicious links, falling for phishing messages, the network you use could be compromised, or your username and password have been exposed in a larger data breach. Regardless of how or why you may have experienced a compromised account, the following steps can help you regain control of your hacked accounts and impacted devices.

• If you suspect your computer is infected, immediately turn off WiFi or unplug from network
• Report the incident to the ITS Helpdesk (help@wlu.edu).
• Change your password(s) for all your accounts (e.g., email, bank, social media, Netflix, etc.) from a clean, malware-free device, and make sure to use a unique, strong password for each account.
• Sign out of all devices.
• Turn on multi-factor authentication for all accounts where possible.
• Verify your account recovery information and options and change/update if you suspect someone guessed the answer to "security questions" to take over your account.
• Run antivirus and antimalware programs on all devices. If you need help running a scan, please contact the ITS Helpdesk (help@wlu.edu).

---

Assess the situation

• Check email settings for rules that may have been altered (i.e., forwarding or delete rules)
• Check email Sent Items for anything the attacker sent
• Check Deleted Items for anything the attacker deleted
• Check account activity for all affected accounts (e.g., email, social media, bank, etc.)
• Check social media accounts for messages or posts the attacker sent in your name
• Check for linked devices or applications the attacker may have set up in your accounts

---

Notify others and monitor

• Notify your contacts and post something alerting others that your account was compromised
• Contact your bank or local authorities, if applicable
• Contact credit agencies and consider credit freeze or credit monitoring (see below), if applicable
• Keep a record of the incident including what happened, when and what your response was
• Monitor accounts closely after you've regained control

---

Additional considerations

• Consider using a password manager, like Keeper (offered by W&L)
• Consider unlinking online accounts to minimize damage (e.g., if you sign in to other accounts using features like "Sign in with Google" or "Sign in with Facebook") because if one account is compromised the attacker can use it to log in to all linked accounts
• Consider wiping your device(s) and do clean installs of the operating system and software
• Consider a credit freeze if you suspect personal financial information was breached:
  • Experian
  • Equifax
  • TransUnion
• Consider reporting to the Federal Trade Commission:
  • Identity theft
  • Information Is Lost or Exposed
  • Report fraud, scams, and bad business practices
• Where to turn if you have a hacked account with popular websites like Facebook, eBay, Google, Instagram, etc.