INFOBITS: Compromised UH Usernames

by Jodi Ito

ITS has been seeing an increase in the number of compromised UH Usernames.  These compromised accounts are being used to send spam and phishing emails out to the Internet. When we (ITS) detect an account has been compromised, we will disable the account and the account owner will need to contact us for assistance.

  These spammers have been starting to delete emails (both in the Inbox and Sent mail) from the compromised accounts (we suspect to cover their tracks).  Additionally, they change settings in webmail to:
-  forward all incoming email to another address
-  add mail filters to send all incoming email to another address
-  change the "reply-to:" address so that the recipients reply will go to another address
-  change the signature to include the spam message itself.

We suspect that these accounts are hijacked when the account owners reply to phishing emails or click on the link included in the phishing email message OR if they have a weak password.

Here are some tips to prevent your account from being hijacked:

  • If you receive an email asking for your password, It's a PHISH. DO NOT REPLY TO IT.   ITS and the University (or any other legitimate organization) will NEVER ask for your password.
  • If you receive an email offering to increase your email quota by clicking on a link, it's a PHISHDO NOT CLICK ON THE LINK.  You need to request this yourself by logging in to the UH Account Management web page at:
  • Check the validity of a website if it is unknown to you:
  • Passwords are the "Keys to your Kingdom".  Use STRONG passwords:
    •     at least 8 characters in length
    •     should not contain words found in dictionaries in any language
    •     should contain upper and lower case letters
    •     should at least one number
    •     should contain at least one special character
    •     should be something you remember

Here's an example of a strong password (you have a dog named Rover and you got him in October 2009):   10RvR09$

Paying attention to these tips will help to keep your account safe from hijackers.

Please rate the quality of this answer: Poor Fair Okay Good Excellent
Not the answer you were looking for? Try different keyword combinations and if you still can’t find your answer, please contact us.
Article ID: 1064
Created: Tue, 13 Oct 2009 2:32pm
Modified: Thu, 12 May 2011 10:31am