Has your account been hacked? Here are some of the most common
ways that you can find yourself with a compromised account or
- Your Internet browser settings may not be secure.
- You used an unencrypted connection like UB Wireless vs. UB
- You sent a username and password in cleartext (http:, ftp,
telnet are some examples).
- You used a compromised USB flash drive, which re-infected the
- You shared your password, even with close family or
friends—UB will never ask for your password.
- You filled out a fake web form with a username and
password—be sure to check the URL. If the website uses
encryption, check the certificate as well.
- You responded to a phishing email.
- You visited the same infected website, .pdf, etc. without
realizing that it is downloading and running something bad. It's
common for infected files (movies, Word files, spreadsheets,
PowerPoint presentations, and so on) to be transmitted via social
- You used a compromised DNS server.
- If a hardware keyboard capture device was plugged directly into
a computer in a public place, it could have connected to something
- For re-installed PCs: the master boot record from the install
CD (e.g. Windows) may not have been completely erased.
- For re-imaged PCs: the master boot record may not have been
restored from the image (using Symantec Ghost, for
more from Symantec.
- When rebuilding your PC, check that the device is fully patched
before restoring all of your data files. After everything is
restored, run a thorough scan, using as many scanning tools
available, to ensure all of the files are clean.
This list isn't exhaustive. There are many ways for an attacker
to hide and steal your personal information. If you are repeatedly
re-compromised, you must be extra careful about
examining all of your files, data and habits to figure
out in which the attacker is hiding.
Once you've been compromised, you basically can't trust any of
the data files you had on the compromised machine. Contact the CIT Help
Desk for assistance.