Compromised Accounts

Owned by Satish Warrier
Sept-08, 2021
3 min read

You have been directed to this page because we suspect your college account was compromised, therefore, it is VERY important for you to read thru this page to understand not only how to gain access to your account but also to understand what could have happened to your account as well how to prevent this from happening again.

What do we mean by a compromised account?

  • Any account that is accessed by someone who is not authorized by the College District to use the account.

Why do we suspect your account was compromised?

  • Microsoft monitors several tell tale signs such as repeated tries to login, access from known malicious IP address, access to account from another country, etc.

  • Microsoft Office 365 also flags accounts that send out large number of emails in short period of time which is a sign that spammers have gained access the account

  • Other colleges and businesses may alert us when they receive emails from your account that are flagged as spam or phishing attempts

  • Additional signs you might have seen:

    • You are unable to access your e-mail account. If an attacker gained access to your email address and password, they may have logged in and changed the password to lock you out of the account.

    • You notice your Sent messages folder is empty or includes messages that you did not send.

    • Your family, friends, and coworkers receive emails from you that you didn’t write. Once your email account is compromised, the attacker can use your email address to send spam or phishing emails to the contacts in your address book

    • You see activity on your social media accounts that you didn’t post. Some social media sites let you use credentials from other accounts (e.g. Google, Yahoo) so you can login to social media without having to create a separate username and password. If your email account is linked to your social media accounts or if you use the same username and password for all your accounts, the attacker can gain access to everything with a single username and password.

What happens to your account?

  • We change your password. This prevents the hacker from continuing to use your account.

  • Your ability to change passwords is blocked.  This prevents the hacker from just changing your password and continuing to abuse your account.

  • Your account is blocked.  The account (including Office 365) or device needs to be cleaned before password resets are allowed or the hacker may reset the password again.

  • All rules in your mailbox are deleted.  Hackers commonly create inbox rules to move mail around or automatically forward your emails to them as you receive them. 

  • All email (SMTP) forwarding was removed.  Again, hackers frequently forward your email to themselves so even after you reset your password, they still get your emails.

What do you need to do?

Contact the helpdesk by emailing help@4cd.edu or (925)229-6888.  Tell them that your account was compromised, and they will ask you questions to ensure your identity and then they will start the process to help you gain access to your account.

  • They will reset your password and ask you to change it the first time you login (Please DO NOT USE any password you have used before).

  • They will remove the block on your account.  You will be required to change your password at next logon so be ready with your long, unique, and strong passphrase.

Note: The helpdesk cannot clean your mailbox.  If your account was used for malicious purposes, there may be many responses in your inbox and sent items that you did not send. Unfortunately, we cannot block people from responding to emails sent from your account.

What you can do to prevent this from happening

Good security best practices and safe browsing habits can help prevent your account from being compromised in the future:

  • Install Anti-virus software on your computer (and keep it updated)

  • Make sure your devices (desktop, laptop, tablets, phones ) have the latest updates.

  • Set your Internet brower software like FireFox, Chrome and Edge to update automatically OR establish a routine to do this manually on a weekly basis.

  • Use unique strong passphrases for account access. 

Additional Resources that you should watch are: