Compromised Accounts

A compromised EKU account is one accessed by a person not authorized to use the account.  Criminals and hackers target EKU users to gain:

• Access to the EKU network, processing power, and/or storage they can use to commit crimes.
• Access to EKU academic resources, like the library and journal subscriptions.
• Information about you to steal your identity, commit fraud, and use your reputation to target your contacts for phishing and fraud.
• Access to institutional data and financial information.
• Access to other employee and student information.

When accounts are compromised, valuable computing resources and sensitive institutional and personal data is put at risk.  Even accounts with limited or no access to institutional data and nothing private or of value in email or personal files are valuable to hackers.

How Accounts are Compromised

• Phishing.  Emails that ask you to verify, validate, or upgrade your account by logging in to a website or providing your password are most likely phishing scams.  Learn more and protect yourself. EKU will NEVER send an email asking you to confirm your identity or provide confidential, personal information.
• Password Stolen on Another Site. Reusing your EKU passwords on other sites, especially those where your eku.edu email is your username, puts EKU resources at risk.  If your account on those sites is compromised, your EKU account can be easily accessed.
• Password Sharing.  If you shared your password with a friend, significant other, or family member, they might not have been as careful with it as you are.
• Malware.  Use of an untrusted computer or a computer infected with a computer virus, running a keyboard logger, or subject to other malicious systems compromises your accounts.
• Unsecured Network.  If you log in to an EKU website like EKU Direct or OWA on an unprotected wi-fi network, your account information could be stolen.  Always use a secure network, like EKU_SECURE.  
• Weak Passwords. A short, simple password can be vulnerable to guessing or brute-force techniques.  Passwords should be a minimum of 10 characters, including upper and lowercase letters, at least one number, and at least one special character (!, @,  #, $)

How EKU Identifies Compromised Accounts

• Reports from Compromised Users.  Come compromised account/spam reports lead IT to discover affected account holders.
• System Monitoring.  Automated system monitoring alerts system admins to suspicious or unauthorized activity.
• "Abuse" Complaints.  Complaints or alerts received from third parties about spam or network-based attacks coming from EKU accounts.
• Log Analysis.  Investigation of security incidents sometimes reveals evidence of compromised accounts.

If EKU Identifies your EKU Account as Compromised

1. Your EKU email password will be randomized.
2. Students will be placed on two-factor authentication (2FA).
3. Contact the IT Service Desk by phone at 859-622-3000 to reset your password and clean up your account.
4. If you use that password on other sites, change it too.