Things to Consider if Your UNH Account has been Compromised

If you believe your UNH Account has been compromised, call the UNH IT Service Desk at 603-862-4242 immediately for assistance in securing and recovering your account.  This is an important step as it is not always enough to simply change your password.

Once your account has been secured and recovered, take the following actions immediately:

  1.  Run a malware scan on any device where you have entered your UNH username and password, even if you only logged into a web application like Outlook Web Access (OWA).
    • You can skip this step if you only use your UNH credentials on your UNH computer and it was already scanned by a UNH support tech.
    • If your UNH device has already been scanned, you still need to scan any other device where you have recently entered your UNH username and password.
  2. If you use your UNH username and password to access any applications at UNH that are not linked to your UNH account (you would have to change the password on these accounts separately when you change your password every 6 months), change those passwords as well.  
    • It is recommended that you do not use the same password for multiple accounts.
  3. If you use your UNH username and password for any non-UNH accounts (Netflix, personal email, etc.) you need to change the passwords on those accounts immediately.
    • It is against University best practice to use your UNH username or email address as the username for non-UNH system access.
    • If you are currently using your UNH username and password on any personal accounts, you should change to a new username and always use a different password.
  4. If you use the same or a similar password for ANY other account (even if you aren’t using the same username) – at the University or for personal use – you need to change the passwords on those accounts immediately.
    • You can better protect your information and the University by using a different password for each account you log into, which is easier if you use a Password Manager.
  5.  If you had to change the password for any personal account in step 2 or 3 that is linked/associated with a bank account, credit card account, or any other account that can be used for financial transactions (like Amazon), check the activity on those accounts to ensure there haven’t been any unauthorized purchases or changes.
    • If you notice any unauthorized activity, notify the financial services provider/company immediately.
  6. Check your UNH email account to ensure there haven’t been any inbox rules set up to re-direct or delete mail.
  7. If you had to change the password for any personal email accounts, check those email accounts for inbox rules you did not create as well.
  8. Check the inbox and trash folders in each email account to see if there are any emails indicating your password changed on other accounts that you did not initiate.
    • Contact the provider of that account for any accounts where your password was changed by the attacker.
  9. Review Good Security Practices to Adopt at Work/School, and at Home.
Custom Fields
  • Author: UNH Information Security Services
  • Department: Information Security Services
Attached Files
There are no attachments for this article.
Related Articles RSS Feed
PCI DSS - Payment Card Security
Viewed 1601 times since Thu, May 7, 2015
UNH Information Security Services - Tax Season Resources
Viewed 226 times since Wed, Feb 21, 2018
Why Can’t I Forward Emails to Phishing.Report@unh.edu?
Viewed 197 times since Thu, Feb 22, 2018
Antivirus Software for Mac
Viewed 6139 times since Wed, Aug 12, 2015
Signs Your Account is Compromised
Viewed 498 times since Wed, Aug 16, 2017
Red Flag Rule - Identity Theft Prevention
Viewed 1617 times since Thu, May 7, 2015
Good Security Practices to Adopt at Work/School, and at Home
Viewed 549 times since Fri, Jul 14, 2017
FAQs- System Center 2012 Endpoint Protection, Microsoft Security Essentials, and Windows Defender
Viewed 3706 times since Wed, Aug 12, 2015
SEED: Accepted Equipment List & Disposal Guide
Viewed 2657 times since Tue, Apr 28, 2015
Policies on IT resources
Viewed 2512 times since Wed, Mar 25, 2015
MENU