Compromised

From XMission Wiki
Jump to: navigation, search

XMission email and how to tell what is going on with your mailbox.

Traditional XMission.com email

When you try to log into https://webmail.xmission.com do you get something like this?
Compromised-1.png

If so, your account may have been compromised and you will need to call Technical Support.


Hosted Zimbra business email

This area explains what happens to hosted Zimbra mailboxes that have been locked due to abuse: https://wiki.xmission.com/Hosted_Email:_Admin_Panel#Mailbox_locked_for_abuse


How mailboxes are locked for abuse

Let's take a look and find out what how this may have happened.

Hackers want access to anything they can get their hands on, including your email! Your account can be abused to send out spam email.

This abuse can be due to any of the following reasons;

  • Successfully compromised by a phishing attempt and shared their password with someone they shouldn't have.
  • Use of a previously compromised password on another Internet site or service.
  • Malware on a computer or device.
  • Rootkit on the computer.

Lets take a look at what makes a bad password

  1. Do not use only letters or numbers
  2. Do not use names of your family members, significant others, or pets
  3. Do not use your phone number, birthdates or Social Security numbers
  4. Do not use incorporate your username or name of the service provider
  5. Do not use any words that can easily be found in a dictionary


Password Criteria & Guidelines

  1. Passwords must be between 8 and 64 characters in length and are case-sensitive.
  2. Passwords must contain a minimum of 1 upper case letter, 1 lower case letter, a number, and symbol.
  3. Secure passwords are long and randomized. Visit https://passwordcard.org or https://ae7.st/g/index.html for random password generators
  4. You cannot change your password to be the same as any of your past 10 passwords.
  5. Never re-use old passwords from other Internet sites, especially those which may have been compromised. Check here: https://haveibeenpwned.com/

Change your password often

We know it may be hard to keep track if you have multiple passwords. However it is suggested that you change your password at least once a year. Some companies require password updates every 90 days. This is a great habit to get into. Lastly, password managers like LastPass, BitWarden, and others, make keeping your online data easier. Many have free and paid options.


Change your Password