Compromised Accounts

A compromised account is one accessed by a person not authorized to use the account. Criminals and hackers target users to gain:

  • Access to the network, processing power, and/or storage they can use to commit crimes.
  • Access to business resources.
  • Information about you to steal your identity, commit fraud, and use your reputation to target your contacts for phishing and fraud.

When accounts are compromised, valuable computing resources and sensitive institutional and personal data is put at risk. Even accounts with limited or no access to business data and nothing private or of value in email or personal files are valuable to hackers.


How Accounts are Compromised

  • Phishing. Emails that ask you to verify, validate, or upgrade your account by logging in to a webpage or providing your password are most likely phishing scams. Learn more and protect yourself with the information on Spam, Phishing, and Suspicious Email. Our IT team, Runbiz, will NEVER send email asking you to confirm your identity or provide confidential, personal information.
  • Use different passwords for work, school and personal use.
  • Password Stolen on Another Site. Reusing your college password(s) on other sites, especially those where your email is your username, puts the college resources at risk. If your account on those sites is compromised, your CC account can be easily accessed.
  • Password Sharing. If you shared your password with a friend, significant other, or family member, they might not have been as careful with it as you are.
  • Malware. Use of an untrusted computer or a computer infected with a computer virus, running a keyboard logger, or subject to other malicious system compromises.
  • Unsecured network. If you log in to a work/personal account while on an unprotected wi-fi network, your account information could be stolen. Remember to always Use a Secure Internet Connection.
  • Weak password. A short, simple password can be vulnerable to guessing or brute-force techniques. See the Password Security Checklist for other ways to keep your password safe.


How Clarendon College Identifies Compromised Accounts

  • Reports from compromised users. Some compromised account reports lead Runbiz to discover other affected account-holders. Because of this, please report any suspected account compromise, even if you’ve already changed your password.
  • System monitoring. Automated system monitoring alerts systems administrators to suspicious or unauthorized activity.
  • “Abuse” complaints. Complaints or alerts received from third parties about spam or network-based attacks coming from your company accounts.

  • Log analysis. Investigation of security incidents sometimes reveals evidence of compromised accounts.


If Your Account is Compromised

No matter what:

  • DO NOT change your password back to what it was when it was compromised.
  • DO NOT change it to a password you use for other sites.
  • DO NOT reuse your work password for other sites and services.


See Also

What to Do If Your Account Is Compromised

4400 College Drive
Vernon, TX 79124

Great care has been taken in producing this compilation of resources. Citations are given as possible, but please know that this piece of work is from a collection of extraordinary minds.