Has your account been hacked? Here are some of the most common ways that you can find yourself with a compromised account or stolen information
Applies To: Students, faculty, staff, alumni, and parents
Last Updated: November 20, 2020
- Your Internet browser settings may not be secure.
- You used an unencrypted connection.
- You sent a username and password in cleartext (http:, ftp, telnet are some examples).
- You used a compromised USB flash drive, which re-infected the machine.
- You shared your password, even with close family or friends.
- You filled out a fake web form with a username and password—be sure to check the URL. If the website uses encryption, check the certificate as well.
- You responded to a phishing email.
- You visited the same infected website, .pdf, etc. without realizing that it is downloading and running something bad. It’s common for infected files (movies, Word files, spreadsheets, PowerPoint presentations, and so on) to be transmitted via social networking websites.
- If a hardware keyboard capture device was plugged directly into a computer in a public place, it could have connected to something suspicious.
- For re-installed PCs: the master boot record from the install CD (e.g. Windows) may not have been completely erased.
- For re-imaged PCs: the master boot record may not have been restored from the image (using Symantec Ghost, for example). Learn more from Symantec.
- When rebuilding your PC, check that the device is fully patched before restoring all of your data files. After everything is restored, run a thorough scan, using as many scanning tools available, to ensure all of the files are clean.
This list isn’t exhaustive. There are many ways for an attacker to hide and steal your personal information. If you are repeatedly re-compromised, you must be extra careful about examining all of your files, data and habits to figure out in which the attacker is hiding.
Still need help?
Contact the School’s IT Department