Skip to main content

How did my account get compromised?

You may have received a notice from the UCF Information Security Office stating that there is reason to believe your account was compromised.  You may be wondering how that happened.  There are many ways attackers are able to compromise user accounts.  In most cases, accounts become compromised through one or a combination of these issues:

  • Password Re-Use
    • If you use the same password for multiple accounts, a data breach from one website may lead to the disclosure of passwords that could affect your other accounts.
  • Weak or Common Password
    • Attackers are able to compromise short passwords (less than eight characters in length) within minutes in most cases.  If your password is not sufficiently strong to frustrate attempts to crack it, or if you use a common password such as “123456” or “qwerty,” it will be compromised very quickly.
  • Social Engineering
    • Criminals are becoming very good at writing emails or sending text messages that appear to come from legitimate companies.  If you receive a phishing email or text message and provide your personal information, the criminal now has access to your account.
Reset your NID and Knight’s account password via the Self Service Password Reset Tool
Verify your personal information within myUCF
  • Confirm your email addresses, phone numbers and direct deposit information are unchanged and up to date within myUCF.  If any changes have been made, notify the Security Incident Response Team at SIRT@ucf.edu.
Check your email for unauthorized rules
  • Within Outlook, rules can be set that affect how email is handled.  Attackers have been known to create inbox rules that delete incoming messages to increase the amount of time that their access goes undetected.  Check your mobile app settings, or go to “Manage Rules & Alerts” within the File menu if using the Outlook desktop app, and remove any unwanted rules.
Scan your system for malware
  • Malicious software may have led to your account being compromised.  Perform an anti-virus / anti-malware scan to ensure your system is clean.  Make sure your system and the programs within it are running the latest version with the most recent security updates installed to help protect against malware.
   
Enable Multi-Factor Authentication wherever possible
  • Multi-Factor Authentication (MFA), also known as Two-Factor Authentication (2FA), requires multiple forms of verification when logging in to an account. Some systems will send a code via text message, while others will prompt for a code generated by an authenticator app on the user’s smartphone. You can learn more about MFA for your UCF accounts here: https://infosec.ucf.edu/identity-management/multi-factor-authentication/.
    See our resources below for help setting up MFA on your personal accounts.
Use a unique, strong password for each account
  • Never share passwords across accounts, and be sure each password is long (at least eight characters, and preferably more) and complex. A password manager such as KeePass, LastPass, and others can help you keep track of your passwords. Many are free; take the time to search and find one that meets your needs.
Spot and defeat phishing attempts
  • Remember that reputable businesses will not ask for your account credentials via email or text message. Treat any unexpected messages that require immediate action on your part with suspicion. Never share sensitive personal information with someone claiming to represent a business or government agency if you did not initiate the contact. Review our Phishing Awareness page for more information about phishing: https://infosec.ucf.edu/awareness/phishing/.
Have I Been Pwned: https://haveibeenpwned.com
  • Determine if your accounts have been included in any data breaches by searching with your email address.
MFA at UCF: https://infosec.ucf.edu/identity-management/multi-factor-authentication/
  • Learn more about using MFA to protect your UCF accounts.
Two Factor Auth: https://www.twofactorauth.org/
  • See which websites support two-factor authentication.
Lock Down Your Login: https://stopthinkconnect.org/campaigns/lock-down-your-login
  • Review more steps you can take to secure your accounts.