Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files Articles
October 1, 2025

NCSAM 2025: Identity Erased

Posted in: News

The image is a “Please Stand By” style banner. It features a solid-colored background (a bright, warm hue, likely orange or red) with large, bold white text reading “PLEASE STAND BY.” The font is sans serif, clean, and easy to read. The banner gives off a retro or old-broadcast feel, like a classic TV intermission screen.

You thought you were just checking your email. Maybe logging into NEST or streaming a quick episode before your next class. But somewhere—behind the scenes—someone else might be watching.

Cyber attackers don’t need to break into buildings anymore. All they need is your login. With a single compromised account, they can sneak into email, steal financial info, send phishing attacks from your account, and even lock you out of your own digital life.

It’s not a ghost story—it’s real, and it happens more often than you’d think.

So, what happens when your account is compromised? How do you recover—and more importantly—how do you keep the watchers out?

Let’s break it down.

Step 1: Detecting the Compromise

Most compromises are detected in one of three ways:

  • You notice strange activity (e.g., emails you didn’t send, Duo push notifications you didn’t request).

  • Someone reports suspicious emails coming from your account.

  • The Information Security team detects unusual login behavior (e.g., logins from unfamiliar locations or devices).

When that happens, your account may be temporarily locked to prevent further misuse.

Step 2: Account Recovery

Once a compromise is confirmed:

  1. Your password will be reset by the Information Security team.

  2. A ServiceNow ticket will created and you will receive instructions via your personal email address on file.
  3. Complete the recovery process. If any issues arise, contact the IT Service Desk or your local tech team.

It’s important to act quickly—delaying could give an attacker more time to access sensitive data or impersonate you.

Step 3: Prevention Going Forward

Protecting your account is a shared responsibility. Here’s what you can do to prevent future compromises:

  • Use a strong, unique password. Don’t reuse it for other sites.

  • Watch out for phishing emails. Never click on suspicious links or share login details.

  • Don’t approve unexpected Duo requests. If you didn’t initiate a login, deny it and report it.

  • Enable login alerts, if available, so you’re notified of access from new devices.

  • Update your recovery email and phone number, so you can be reached securely.

Remember:

Compromised accounts don’t just affect you—they can be used to send phishing emails, steal data, or target your classmates and instructors. If something seems off, report it right away. You’re not in trouble—you’re part of the solution.

Have questions or think your account might be at risk?

Contact the IT Service Desk or your local tech team.

Want to Learn More?

Montclair State University | Information Security Website

Forbes | How To Know If You’ve Been Hacked, From Accounts To Devices

Apple | If you think your Apple Account has been compromised

Google | Investigate suspicious activity on your account