Steps to Take if Your Account is Hacked
The information below will provide you with information on what to look for if you suspect that your account has been hacked (password stolen) and what you should do in response.
CAUTION:
If you are notified that your account has been blocked from sending or that you are unauthorized to send, you must complete the steps below before we can unblock your account.
Symptoms of a Hacked Account
Though you are able to send e-mail, you aren't receiving some or all email.
All of your incoming mail is going to the Junk or Deleted Items folder in your account.
You are receiving hundreds to thousands of bounce messages to a message you did not send.
An email filter exists on your account that is diverting new email away from the Inbox folder.
For other symptoms, please click here.
Solution
Please do the following ASAP:
Scan any computers that you use for malware immediately (Mac, Windows or Linux). It is possible for a computer to have a key-logger virus that records your keystrokes (including your passwords).
From a computer you know to be free of viruses/malware, log into the Pomona College Identity Management site at http://MyPassword.pomona.edu .
Then, click on 'Reset Password' and pick a completely different password. Do not use a password that contains names, dates, or words that could be associated with you (such as a pet's name, child's birthdate, old address, favorite band, etc.). Your account can be hacked again if you us a password that is similar to one you used before.
NOTE: If you have not claimed your account through the Identity Management, please contact the ITS Service Desk at ServiceDesk@pomona.edu and 909-621-8061.
-
Please check your Pomona College email account for message rules and settings that were set by the account hacking.
Log into your email account using the webmail (http://mymail.pomona.edu) and click on the Settings icon (the gear icon in the upper right corner). Then, select 'View all Outlook settings':
Click on 'Rules'. Delete any Inbox rules that are listed (that you did not create). Look for rules that are sending messages to other email addresses, the Trash or other folder.
Click on 'Junk email'. Remove any addresses or domains from the 'Blocked' or 'Safe senders' lists that you did not add.
Click on 'Forwarding' and remove any forwarding that you did not add yourself.
Click on 'Automatic replies' and remove any automatic replies that you did not add yourself.
Have someone send you a message to test the results.
Try sending a test message out to someone to make sure there are no sending blocks on your account.
Setup Duo multi-factor authentication at http://duo.pomona.edu
NOTE: Unfortunately, this service is not available for Alumni
Review all of the messages in your Junk folder. If any of the messages contain personal, sensitive information (such as bank account information, student data, health information, etc.), take corrective action. For example, if you have a message containing bank account number information, please call the bank for advice.
Ask the ITS Service Desk to checks the permissions on your email account profile (Inbox, Sent Items, Deleted Items, Calendar, etc.).
If you would like assistance with any of the instructions above, please come to the ITS Services Desk or call (909) 621-8061.