Has your account been hacked? Here are some of the most common ways that you can find yourself with a compromised account or stolen information.
- Your Internet browser settings may not be secure.
- You used an unencrypted connection instead of a secure connection like. eduroam.
- You sent a username and password in cleartext (http:, ftp, telnet are some examples).
- You used a compromised USB flash drive, which re-infected the machine.
- You shared your password, even with close family or friends—UB will never ask for your password.
- You filled out a fake web form with a username and password—be sure to check the URL. If the website uses encryption, check the certificate as well.
- You responded to a phishing email.
- You visited the same infected website, .pdf, etc. without realizing that it is downloading and running something bad. It's common for infected files (movies, Word files, spreadsheets, PowerPoint presentations, and so on) to be transmitted via social networking websites.
- You used a compromised DNS server.
- If a hardware keyboard capture device was plugged directly into a computer in a public place, it could have connected to something suspicious.
- For re-installed PCs: the master boot record from the install CD (e.g. Windows) may not have been completely erased.
- For re-imaged PCs: the master boot record may not have been restored from the image (using Symantec Ghost, for example). Be sure that the MBR is overwritten completely using Diskpart clean command. Read more about that at http://knowledge.seagate.com/articles/en_US/FAQ/005929en
- When rebuilding your PC, check that the device is fully patched before restoring all of your data files. After everything is restored, run a thorough scan, using as many scanning tools available, to ensure all of the files are clean.
This list isn't exhaustive. There are many ways for an attacker to hide and steal your personal information. If you are repeatedly re-compromised, you must be extra careful about examining all of your files, data and habits to figure out in which the attacker is hiding.
Once you've been compromised, you basically can't trust any of the data files you had on the compromised machine. Contact the UBIT Help Center for assistance.