Compromised Account

Print

Steps to take if your W&L account is compromised.


Security breaches can happen in a variety of ways - clicking on malicious links, falling for phishing messages, the network you use could be compromised, or your username and password have been exposed in a larger data breach. Regardless of how or why you may have experienced a compromised account, the following steps can help you regain control of your hacked accounts and impacted devices.

  • If you suspect your computer is infected, immediately turn off WiFi or unplug from network
  • Report the incident to the ITS Helpdesk (help@wlu.edu).
  • Change your password(s) for all your accounts (e.g., email, bank, social media, Netflix, etc.) from a clean, malware-free device, and make sure to use a unique, strong password for each account.
  • Sign out of all devices.
  • Turn on multi-factor authentication for all accounts where possible.
  • Verify your account recovery information and options and change/update if you suspect someone guessed the answer to "security questions" to take over your account.
  • Run antivirus and antimalware programs on all devices. If you need help running a scan, please contact the ITS Helpdesk (help@wlu.edu).

Assess the situation

  • Check email settings for rules that may have been altered (i.e., forwarding or delete rules)
  • Check email Sent Items for anything the attacker sent
  • Check Deleted Items for anything the attacker deleted
  • Check account activity for all affected accounts (e.g., email, social media, bank, etc.)
  • Check social media accounts for messages or posts the attacker sent in your name
  • Check for linked devices or applications the attacker may have set up in your accounts

Notify others and monitor

  • Notify your contacts and post something alerting others that your account was compromised
  • Contact your bank or local authorities, if applicable
  • Contact credit agencies and consider credit freeze or credit monitoring (see below), if applicable
  • Keep a record of the incident including what happened, when and what your response was
  • Monitor accounts closely after you've regained control

Additional considerations