Got a question? Ask us:

Quick Links

• Get a UH Username
• ITS Help Desk
• Manage your UH Username
• Email Account practices
• UH Username practices
• Virus information
• ITS Documents
• ITS Labs
• Supported Software
• MyUH
• Laulima (Learning & Collaboration)
• Webmail
• ITS Telecom Engineering
• Email Tech Support

Signs that your UH Username and password were compromised:

• flood of email in your Inbox either in response to spam sent from your account (several thousands of emails) or from people informing you that your account is being compromised

• can't log in any more (your account might have been disabled or your password reset) 

What to do if your account is compromised:

• Check your computer system for a virus or trojan

  • Check if your operating system has the most recent updates

  • Check if you have the latest virus definitions and/or latest anti-virus update

  • Run anti-virus software scan

  •  Run anti-spyware software scan

  • Details are outlined at "Securing Your Desktop" at http://www.hawaii.edu/askus/593

• If your computer doesn't have a virus, you could check to see if you are able to change your password  e.g. http://www.hawaii.edu/askus/287

  •  Do NOT use the same password as before

  • Log into  Web Mail <https://mail.hawaii.edu> to check your settings (some compromised accounts have had their configurations changed)
  1. Click on the 'Options' tab.  
  2. Check if forwarding is turned on. (Click on 'Settings' and check that there is no unknown forwarding email address inserted.) 
  3. Check if there is a 'reply to' address filled in. (Click on 'Personal Information', and check the 'reply to' and 'signature' fields.)
  4. Check the vacation setting. (Click on 'Vacation Message' and see if any text written there was not written by you.)  

To prevent  compromises:

• NEVER send your password to ANYONE
• DO NOT REPLY to suspect email 
• make sure you're up-to-date in Windows updates
• make sure you're up-to-date in any anti-virus and anti-spyware updates
• review document Securing your Desktop Computer
• don't save passwords to your email account on your system, it might take a few more seconds to log in manually, but it might save you hours of time cleaning up after a compromise

 To report a suspicious email saying it's from the University of Hawaii and asking for confidential information:

• forward a copy of the message with full mail headers to spam@hawaii.edu
• [to get full mail headers, please see http://www.hawaii.edu/askus/895]
• Optional: see if it's already been reported by checking http://www.hawaii.edu/its under "Security Alerts"

Do not supply passwords or confidential information via email.  No legitimate institution will ask you for this information via an email. Someone who replied to a phishing email mentioned that he wasn't sure if it was legitimate, but answered the email providing Username and password; that account was compromised and used to spam thousands of email messages. As a result, hotmail.com and yahoo.com blocked mail coming from the UH mail server. (They were being flooded with spam.) If you see a reply to: address that is not with our hawaii.edu domain, most likely it is a scam, so please do not reply. We realize that the instigators of these scams get paid for this and will try all types of methods to get someone to reply. As they get more sophisticated, it can get more difficult to determine if the email is legitimate or not. If in doubt, for any email asking for account information appearing to be from the University of Hawaii, please give our ITS Help Desk a call at (808) 956-8883, or toll free from neighbor islands: (800) 558-2669.

Additional Information:

• Spam at the University of Hawaii
• IT Security at UH
  

• Contact ITS