If you have entered credentials on a phishing website or shared them in other ways, the affected account could be compromised. When running malicious files or visiting malicious websites, there is also a risk that a device has been compromised.

If accounts have been compromised without your knowledge, these accounts may be locked due to suspicious activity. If a device has been compromised without your knowledge, you may receive a virus warning from the IT ServiceDesk and your accounts may be locked.

In case of doubt, you should take steps to secure both your accounts and devices.

Compromised Accounts

• Change your passwords for the compromised accounts.
  • Use a device that has not been compromised to do this
  • Never use a link to change passwords that you have been sent unsolicited
• Inform the IT-ServiceDesk by explaining the situation and sending the suspicious e-mail as an attachment to servicedesk@itc.rwth-aachen.de. Simply forwarding the e-mail is not sufficient!

Compromised Devices

• Contact the IT-Servicedesk without delay to receive help:
  • Forward the suspicious e-mail as an attachment to servicedesk@itc.rwth-aachen.de with a brief explanation of the situation.
  • The IT-ServiceDesk can help you remove the virus if needed
• The antivirus software 'Sophos Anti-Virus' is available for free to members of the RWTH Aachen University and FH Aachen. The download is only possible while connected to the university network.
• The virus can have spread to other devices using your network, so you should also check these devices.

• Procedure for a suspended VPN account