Skip to main content

Compromised Accounts

Although many computer users are proactive and take multiple precautions in an effort to avoid data loss or compromise, the possibility of an attacker gaining access to a user's computer is always a possiblity. User account information, passwords and user names are high value targets that are most often targeted. This information is usually targeted in order to allow an attacker to access financial information. The following steps should be taken in the event that you suspect that any of your accounts, personal or UTA, have been compromised.

  1. Change your password.
    • Do you use the same password for multiple accounts? (Amazon, UTA, Netflix, etc.) If so, you will need to change all of your passwords. Even if you don't use the same password everywhere, it is a good idea to change all your passwords if a primary account, such as your UTA account, is compromised.

  2. Change your security questions.
    • In order to maintain access to a compromised account, an attacker may attempt to either know the answers to the security questions ("Mother's maiden name") or change the questions. In either case, changing the questions will protect against both actions.

  3. Look for/disable any auto responders that have spam embedded.
    • This is especially important for people with multiple email accounts or websites.

  4. Look for any automated forwarding.
    • Again, especially an issue for people with multiple email accounts who may not monitor all of them regularly.

  5. Look for any forwarded email messages.
    • Have any of your devices sent or received any email messages that are suspicious?

  6. Check trash for any password recovery attempts on non-UTA websites.
    • You might need to undelete messages in trash, if function exists.
    • Most websites utilize email as a password recovery mechanism. A savvy attacker will delete these messages from your inbox if possible.

  7. Report the incident to the Information Security Office -