How to Determine if Your Account or Device are Compromised

If you suspect your account or device might have been compromised, please examine the common signs of a compromise and follow the steps to prevent loss of data.

Possible Reasons and Signs

  • You shared sensitive information with a person that turned out to be a malicious actor over a phone call, email, or text.
  • You opened a strange email or text attachment.
  • You put your credentials into a malicious form or a fake site.
  • You wired money, provided gift cards, or provided financial/bank information to the malicious actor.
  • You see unknown and unexpected charges on your card.
  • Your device is acting as if on its own, including someone typing in a notepad or chat, programs and files opening on their own and similar behavior.
  • Your account passwords are suddenly changed, preventing your access.
  • You receive emails saying your account password was changed without you changing it.
  • Your email account is seemingly sending emails on its own or phone messaging on its own.
  • You are/were on the phone with a suspicious person outside the university attempting to access your devices or accounts, threatening you and your data, and they have been granted access to your devices and information.
  • Any suspicious behavior in your accounts, emails, devices, financial and health institutions.

If any of these seem similar to what you are experiencing, you need to take immediate steps to keep yourself, your data, and your accounts safe.

Account or Device are Compromised

  • If you are still on the phone or messaging with a malicious actor/scammer/hacker, hang up immediately and do not pick up their calls or message them.
  • If you suspect that the malicious actor has gained access to your device, disconnect it from the Wi-Fi or Ethernet. For mobile phones that are compromised - put it in Airplane mode.
  • For scam/phishing emails, please report them using the PhishAlert in your Outlook desktop or online app.
  • Immediately report the issue to IT Service Desk by calling 203-365-7575 and submitting a self-service ticket. We will work together with you and our IT Security department to determine who, when, and how compromised your account/device.
  • In severe cases, such as unauthorized bank access and withdrawal of large sums, you might need to file a police report.
  • Gather data: What has been lost? What access could have been granted?
  • Change your SHU password (use an unaffected device if possible).
  • Contact your bank and other providers if you believe any sensitive financial, academic or health information has been compromised.
    • You might need to lock your credit/debit card or close an account if enough financial information has been leaked for a malicious actor to make charges or purchases.
    • If the affected card is a P-Card, please reach out to SHU Business Office as well.
  • Change other passwords and implement further security steps when possible for any other service, web app, or application that may have been compromised.
  • Follow any additional steps as advised by the IT Service Desk and IT Security.
Print Article

Related Articles (1)

Compromised Account General Information
Unauthorized access or control has been gained by an external party, jeopardizing the security and privacy of the account owner.