What to do if you responded to a phishing email or logged in to a fake web page

If you did reply with a username and password to a phishing email, or you logged in to a fake Williams web page your account information is available to the scammer.   Do these things as quickly as possible (preferably from a different computer):

CHANGE YOUR PASSWORD!

Go to:  the Password Changer , login, then change your password.  After changing your password you will need to wait up to 10 minutes before logging into your Williams Gmail account.

Log in to your Gmail account from a browser.  At the bottom of the screen is a link for Details under “Last account activity”. Click that and then click “Log out of all other web sessions”.

Check your settings

  • From the Gear menu choose Settings
  • Check the Forwarding and POP/IMAP tab for a fake forwarding address
  • Check the General tab for a fake Signature file and for a fake Vacation response
  • Check the Accounts tab for a fake account
  • Check the Filters section for fake filters

This may be a good time for you to review the security settings on your Google Account.  Do you have 2-step verification turned on? To check, visit your Google Account settings by clicking on the top right circle and select My Account.  Under the Sign-in & Security section you can set up 2-step verification.

Contact the Student or Faculty/Staff HelpDesk

–  Email  stchelp@williams.edu or desktop@williams.edu
–  Phone 413-597-3088 for students and weekend support,  413-597-4090 for faculty and staff during business hours
–  Forward the email to: spam@williams.edu

The speed at which you can change you password is critical to limiting any damage.  If you are not near a computer when you realize the possibility of your account info being compromised, call Desktop at 413-597-4090
Reporting the email to us is important as well so we can start our internal security procedures. Thank you for your assistance!