How do I check if my Bmail is secure after I was hacked?

First, the bad news.  Your account was not hacked.  Hacking is a type of compromise where bad people use sophisticated computer programs to guess your password.  That's not what happened to you.  Your account was phished.  Phishing is an attempt to steal your password by sending you fake email messages or directing you to fake web pages.  Phishing only works if you go to a fake page and type in your password.  And you did!

Now the good news. After your Bucknell Bmail account is discovered to be compromised, your password will be changed by Library & IT administrators.  You must go to Bucknell Account Management and set up a new Bucknell password.  When you logon to your Bmail for the first time after changing your password, please check the following locations to verify that your account is functioning properly.

  1. Google Security CheckReview your security settings in your account.
  2. General - Click on the Gear in the top right corner of your Inbox.  Select Settings from the dropdown menu.
    1. Signature - On the General tab, scroll down to Signature.  If the signature is not your own, delete it.  Pay special attention to any links included in your signature.
    2. Vacation Responder - Scroll down to the Vacation responder and if the message is not your own, delete it.
  3. Accounts - Select the Accounts tab.
    1. Send mail as - If a name other than your own appears, delete it or set a new default.
    2. Check mail from other accounts - If an account you do not own appears in the POP3 section, delete it.
    3. Grant access to your account - If an account you do not recognize appears in this section, delete it.
  4. Filters - Select the Filters tab.  If you see any filters you did not create or you do not recognize, delete them.
  5. Forwarding and POP/IMAP - Select the Forwarding and POP/IMAP tab.
    1. Forwarding - Delete any forwarding addresses you do not own by selecting "Disable forwarding " - This step is very important!!! 
    2. POP - If you do not use POP (and you probably don't), disable it.
    3. IMAP - If you do not use IMAP, disable it.
  6. Contacts - In the top left corner of Bmail, click the down arrow next to Mail.  Select Contacts.  If you see contacts you do not recognize, follow the instructions to Restore Contacts to an earlier point in time.
  7. Sent Mail - In your label list (also known as mailboxes or folders) locate Sent Mail.  Inspect the list to see if there are sent messages you do not recognize.  Delete any unrecognized sent messages.
  8. Calendar - Open your Calendar sharing to verify that you recognize everyone who has permission to view or edit your calendar.  If there are any names or usernames you do not recognize, remove them from sharing.
  9. Google Sites - Go to Google Sites and verify that all the sites in your account are really yours.  If there are any sites that you did not create, delete them.
  10. Authorized Devices - Verify that you own or control all the devices that are accessing your account.
  11. Recent Activity - Over the next few days and weeks, continue to check your Recent Activity.
  12. Phishing - Never respond to email messages that try to scare you into giving your password to dangerous people.  If you get a message like this, use the Report Phishing button to tell Google about the fake email.


Article ID: 477
Thu 9/17/20 3:28 PM
Thu 9/17/20 3:32 PM