April 6, 2018
Back in September 2017 we wrote about whether your account could get hacked. (See https://www.uoguelph.ca/ccs/infosec/not_my_account [1]) In this blog post, we want to explore this issue a bit further. The first question is why CCS Information Security would lock an account. The main reason is that we identified an Indicator of Compromise (IOC). This could be that the account was sending out a large amount of spam, was logging in from disparate locations in the world at the same time, regularly contacted a known malicious site, and a host of other IOCs. We also lock accounts under the following circumstances:
-
Your uoguelph.ca account was identified in a breach of an external site, and you did not change your password as requested
-
Your account was used to download copyrighted material and continued after being warned
-
Your account was found to have breached a University Policy or Canadian Law
-
You are no longer studying or employed at the University
If your account was compromised, we try to understand how, and will ask some questions like:
-
Did you respond to a phishing attempt or scam? Click on a suspicious link?
-
Did you connect via unprotected wi-fi in a coffee shop, airport, hotel, or kiosk?
-
Do you know whether all devices you use are malware-free?
-
Does anyone else know your password?
-
Have you used your U of G userid and password on any external websites?
We try to use the opportunity to increase your awareness and remind you of best practices: Never click on suspicious links or give away your credentials, use the VPN service when connecting over insecure wi-fi, use Anti-Virus software and keep it updated, never share your password with anyone including IT support, and use your U of G credentials ONLY for U of G services. These warnings apply even more over the summer, as many of us are away from campus or travelling. When we practice good security practices, we reduce compromises, minimize inconvenience to others, and make our on-line activity a little safer.
Written by: Gerrit Bos (IT Security Officer, CCS Information Security)