1. Kean University
  2. Solution home
  3. Internet & Network
  4. Online Browsing & Cybersecurity

What To Do If Your E-Mail Has Been Compromised

Modified on: Mon, Feb 12, 2024 1:01 PM

If you suspect that your e-mail has been hacked, you must take the following actions.

  1. Change your e-mail password immediately.
  2. Contact Computer Services to inform us (and re-enable your account if necessary)
  3. Remove any unfamiliar devices and apps from your KeanGoogle account
  4. Change your password on any account that uses the same password (even personal accounts)
  5. Fixing your e-mail name (if it was changed)

Once we have received notice of an account compromise or detected suspicious activity, we will investigate. Your account may be disabled once the risk has been detected. In this case, please call or visit the office. 

Once you have taken the steps above, no further action is needed on your part unless we contact you.

For more information about these steps and about account compromises, see the steps below. 

Detailed Steps:

1) Changing your password

If you are still able to log into your account, please change your password. If you cannot, please call the office.

If you are currently logged into your account, you can reset the password at this link: https://myapps.kean.edu/enduser/settings


2) Contacting Computer Services

You may contact us by phone during our hours of operation. If you do not have access to the account, a phone call will be required to reset your password. 

If you still have access to the account, you may send us an e-mail with the details either in a new message or by forwarding any suspicious message you've received.

3) (KeanGoogle) Removing unfamiliar devices

When signed into your e-mail account, navigate to the security settings. From here, you can remove any computers, cell phones, or other devices that may be signed into your account.

A direct link to the device page can be found here: https://myaccount.google.com/device-activity

Please follow these steps:

  1. Navigate to the Devices page in your Google account security settings.
  2. Find any devices listed that you do not recognize, particularly ones in strange places (other states, other countries, etc.) 
  3. Click on the three dot menu in the corner of that device's card
  4. Select "sign out"

4) Changing other account passwords

Once a password has been stolen, you should assume that it'll never be safe to use again. When hackers obtain passwords, it is very common for them to save and share those passwords in order to try them on other accounts across the internet. This is especially dangerous if you use the same e-mail or username. For this reason, we highly discourage re-using any passwords across multiple accounts. 

5) (KeanGoogle) Fixing the name on your account

Some hackers will change the name listed when you send out e-mails in order to impersonate other people and companies. You can correct these name changes through your mail settings. There are two places where your name may have changed:

  1. Your KeanGoogle Account Settings name page
  2. Your E-mail specific "Accounts" settings

For more detailed instructions and information, please see our Solution article about account names.

Common Questions:

(For more information on Phishing scams, please see the FTC's official article)

How do I know if I've been compromised?

Hackers will often use your account to send out e-mails to spread their scam or malware even further. Sometimes, you may notice that your e-mail name has been changed. You may also be locked out of your account if the hacker changes your password. Keep an eye out for any activity on the account that you don't remember doing. Check your Sent e-mail.

How might I have been compromised?

  • Clicking on an unfamiliar link, bringing you to a fake page that collected your information or installed malware.
  • Entering sensitive information while connected to an unsecured Wi-Fi network (i.e. does not require any passwords or sign-in), sometimes even a home network
  • Downloading suspicious files that aren't what they claim to be, especially from unlicensed sources of copyrighted material (i.e. "digital piracy") 
  • Clicking to allow a "script" to run in an e-mail or installing 
  • Using a weak or easily guessed password ("123456", "letmein", "password")
  • Malware (viruses, spyware, keyloggers, malicious scripts, unsecure browser extensions, etc.)
  • Another account using the same password was compromised

What should I do when I receive a link in my e-mail?

  1. Make sure to never click on a link you do not expect to receive
  2. Check where the link really goes and make sure that it looks right. 
  3. Look for anything unusual in the e-mail's content, such as grammatical/spelling errors, unfamiliar terms, or a threatening tone.
  4. Make sure that all links and e-mail addressed are accurate; Kean pages should be "kean.edu" and not "kean.edu.co"
  5. When in doubt, navigate directly to the official website instead of using the link.

Please note that URL shorteners such as "tinyurl.com" and "bit.ly" are legitimate websites, but are often exploited to hide the real address of a link. It fine to create and share these links privately since they are not inherently harmful, but it is highly discouraged to use these links for public distribution in order to avoid normalizing them. Online "URL expanders" or "URL checkers" can give the full link that a shortened URL leads to.

Always stay calm and read the e-mail carefully; scammers want to scare and confuse you by making it seem like something is urgently wrong and lure you to click on their links to fix it. If you ever receive an e-mail that doesn't feel right or sound familiar, reach out to OCIS or to the person who supposedly sent it to you and ask if it's a legitimate link and the proper action to take. 

Was this answer helpful? Yes No

Sorry we couldn't be helpful. Help us improve this article with your feedback.