Questions:
I think my account is compromised, what do I do?
I got a notice that my account is compromised, how do I fix it?
Answer:
If you think your account has been compromised, or you received a notice from the Crimson Service Desk that your account is compromised, the first thing you need to do is go reset your password. If you are actively using your account and still able to login, you can reset you WSU Network ID password, using our self-service tool at account.wsu.edu. If you are having problems resetting your password, give us a call at 509-335-HELP (4357) or 1-800-608-3839 during business hours, or if you are on the Pullman Campus you can also choose to come in to our Walk-In Helpdesk in Holland Library, room 150, during our business hours for in-person assistance.
Once you have reset your password, you will also want to go login to account.wsu.edu to reset your Security Question and your Multi-Factor Authentication (MFA) options. (For MFA we strongly suggest you use one of the Apps instead of the SMS Text or Phone Call options as the Apps are more secure. See Add New Security Method for MFA for information on how to setup your MFA options for Okta.)
----------
We also suggest that you log in to your email account via an internet browser and ensure that there are no forwarding rules or redirects in place. Often times if an account is compromised, an inbox rule or email forwarding is set up to push mail out of your account to a malicious email address.
Instructions to check forwarding if your mail seems to have stopped coming into your inbox:
•Login at email.wsu.edu using your Network ID and Password (the same credentials you use for MyWSU)
•Click on the Gear icon on the top Right in the blue bar near your avatar or initials icon
•On the Settings box, make sure Mail is selected on the left side
•In the Middle Section, select Forwarding
•Check to see if you have an unknown address where your mail is forwarding. If you do, delete the address and turn off email forwarding.
•Click SAVE at the top *do not forget this or it won’t save the change*
From the Middle Section also check:
•Rules and Sweep for rules you did not place in your account
•Junk email where you can view the blocked and safe senders lists and ensure that an individual has not placed themselves on your safe senders list.
==============
One other caution is to consider scanning your system for malware like keystroke loggers, that may be looking to capture information from you regarding passwords. Some of this type of activity has been reported to be associated with the current rash of compromised accounts.
We can not recommend any one product for the above scanning procedure. However there are many good scanners on the market that perform this service. If you are on the WSU Pullman campus, and you do choose to pursue a scan, we are set up to show you how to perform virus scans at our walk-in location in Holland Library, room 150, during our business hours. We offer the help for free, but make sure you allot enough time to be there with us to scan your computer, as this is not a drop off service.