Procedures for compromised accounts and devices
If you have entered credentials on a phishing website or shared them in other ways, the affected account could be compromised. When running malicious files or visiting malicious websites, there is also a risk that a device has been compromised.
If accounts have been compromised without your knowledge, these accounts may be locked due to suspicious activity. If a device has been compromised without your knowledge, you may receive a virus warning from the IT ServiceDesk and your accounts may be locked.
In case of doubt, you should take steps to secure both your accounts and devices.
Compromised Accounts
- Change your passwords for the compromised accounts.
- Use a device that has not been compromised to do this
- Never use a link to change passwords that you have been sent unsolicited
- Inform the IT-ServiceDesk by explaining the situation and sending the suspicious e-mail as an attachment to servicedesk@itc.rwth-aachen.de. Simply forwarding the e-mail is not sufficient!
Compromised Devices
- Contact the IT-Servicedesk without delay to receive help:
- Forward the suspicious e-mail as an attachment to servicedesk@itc.rwth-aachen.de with a brief explanation of the situation.
- The IT-ServiceDesk can help you remove the virus if needed
- The antivirus software 'Sophos Anti-Virus' is available for free to members of the RWTH Aachen University and FH Aachen. The download is only possible while connected to the university network.
- The virus can have spread to other devices using your network, so you should also check these devices.