Recover from Phishing: What to do if you think you’ve been phished?

If you think that you may have been phished and your Georgia Tech Account may have been compromised, here’s what you should do immediately.

• Change your GT password immediately at Passport. If you use the same password for any other accounts, change those as well. Change the password for all affected accounts. Create a unique password for each account.
• Check your email’s rules, automatic replies, and signatures from within your Outlook app to ensure they were not changed erroneously at any point.
• Check your Sent Items folder within Outlook to see if there are any emails that you don’t recognize.
• Check your Duo devices and remove any device that you do not recognize or is no longer in use.
• Monitor your accounts closely for any suspicious activity.
• Contact OIT’s Security Operations Center (SOC) to report the incident immediately at soc@gatech.edu.
• If SOC believes that your account has been compromised, it will be disabled.
• If SOC identifies a phishing campaign on campus, all the accounts that received the email will be disabled as a precaution.
• To recover your disabled account, follow the steps in the Disabled Accounts knowledge article.

Need Help?

For more information on reporting a security incident, visit the GT Cybersecurity website.

For technical assistance, contact the Administrative Services Center (ASC) Technology Support at 404-385-1111 or via email at support@oit.gatech.edu.