Have you noticed messages in your sent folder that you didn’t send? Did your co-workers receive strange emails from you? If so, your U-M account might be compromised, and you should take action immediately.
Change your UMICH (Level-1) password
- For instructions and tips, see Choosing and Changing a Secure UMICH Password.
- You should also set new security questions if you had previously set them in UMICH Account Management.
A compromised U-M account is considered an IT security incident that should be reported. See Report an IT Security Incident.
Monitor your accounts
- Check your U-M Google email for suspicious activity. Make screen shots showing any settings that have been tampered with to include in your report of the incident.
- Check your other U-M services Check your U-M email for suspicious activity. For example, look for files in your U-M online storage spaces that you did not put there.
Turn on two-factor for Weblogin
Your password needs a partner! When you turn on two-factor authentication for Weblogin (the login page for Wolverine Access, U-M Google, U-M Box, and more), anyone trying to access your account must provide two proofs of ID:
- Something you know, such as your password.
- Something you have, such as a passcode, a phone, or even a mobile app.
For more information and links to helpful resources, refer to What to Do if Your Account is Compromised.