Compromised UMS User Account?

If you've recently been notified by the IT Helpdesk that your account was compromised, here are the next steps.

Detailed Information

UMS Account:

  1. Change your password, if you haven't just done so (see guidance on How to Create a Strong Password)
     
  2. Check for Direct Deposit Fraud attempts.
    1. Employees (including student employees): many have direct deposit for their pay check or travel reimbursement. With access to your account, attacker's know how to change your direct deposit and filter out the email notification you would otherwise receive when it's changed. Confirm the visible part of the bank information matches your true bank account.
    2. Students: many have direct deposit set up to get refunds from the University. With access to your account, attacker's know how to change your direct deposit and filter out any email notifications you would otherwise receive. Confirm the visible part of the bank information matches your true bank account.
    3. Concur Users: confirm the banking information in your MaineStreet Travel & Expense profile matches your true bank account (this is a separate profile from your University payroll).  If you need assistance with checking or updating your Travel & Expense profile, contact Procurement Services at procurementservices@maine.edu or 581-9101.
       
  3. Review your Gmail filters (Settings / All Settings / Filters and Blocked Addresses), especially for any that automatically trash inbound messages matching certain keywords (e.g. Direct Deposit, Banking, etc)
     
  4. Review your Gmail account settings at myaccount.google.com AND in Gmail settings (Settings / All Settings / Accounts and Import, etc)
    1. Sometimes your Google display name may be changed to impersonate an individual or department
       
  5. Use Google's Security Checkup tool (myaccount.google.com/u/0/security-checkup) and follow any recommendations you find there.
     
  6. Review for exposure of other sensitive information in your UMS email account (driver's license ID, bank account, SSN, credit card numbers, passwords to other accounts)
     
  7. To become more phishing resistant, turn on MFA for your UMS account, if it's available to you on your campus. 

Non-UMS Accounts:

Related Articles

Environment

  • accounts
  • security
100% helpful - 1 review