My District Email Account has been Compromised!
Did you receive an email encouraging you to change your email password? Did you follow the instructions in the message? If so, you may have just handed an open invitation to a hacker to take over your email account!
A hacker may use your account to send out spam using your name and email address. This may include messages intended to trick others to do the same, or include links to a site the will attempt to install malware, viruses, or other computer code to collect personal information, modify files or programs, or take control of a computer without the users knowledge or consent.
In an effort to prevent propagating these problems, messages of this nature may be flagged by internet service providers. This can result in ALL email from our "CCC" or "4CD" domain being "blacklisted" and blocked from other domains, so email messages sent by ANYONE using our domain may not get through to the addressees.
But the message looked legit...
This scheme is known as "phishing", and it is usually designed to trick you into taking a desired action because you trust the sender or the message otherwise appears to be legitimate.
What do I do now?
Contact us immediately at Techs@ContraCosta.edu, or call us at extension 43888, and let us know what happened. We will evaluate the issue and take the appropriate actions. In some cases, we may spot the problem before you become aware of it, and we may need to disable your email account temporarily until the issue can be rectified. We will work with you to try to put your email account back in service in a timely manner.
How do I avoid this problem?
If you receive an unexpected email that includes links or attachments, particularly if the message seems very vague or generic in nature, contact the sender to verify the message before taking any further actions.
Be aware that our campus and district Technology Services staff will never ask you for your password, and does not generally send out any unsolicited messages via email that urge you to change your password. If you ever receive such a message, and you are not sure whether it is legitimate, please forward it to Techs@ContraCosta.edu, or call us at extension 43888 before and wait for confirmation before taking any further action indicated in the message.
Tips for safely using e‑mail and the web*
Use caution when opening e‑mail attachments. E‑mail attachments (files attached to e‑mail messages) are a primary source of virus infection. Never open an attachment from someone you don't know. If you know the sender but weren't expecting an attachment, verify that the sender actually sent the attachment before you open it.
Guard your personal information carefully. If a website asks for a credit card number, bank information, or other personal information, make sure you trust the website and verify that its transaction system is secure.
Be careful when clicking hyperlinks in e‑mail messages. Hyperlinks (links that open websites when you click them) are often used as part of phishing and spyware scams, but they can also transmit viruses. Only click links in e‑mail messages that you trust.
More internet safety tips can be found in this article on the Microsoft Windows web site.
* From"Understanding Security and Safer Computing."
Please review this sample antiphishing landing page created by Anti-Phishing Working Group's Internet Policy Committee (APWG-IPC) and the Carnegie Mellon Cylab Usable Privacy and Security Laboratory (CUPS). It offers good information with clear illustrations.