In recent cases of compromised account, some victims reported that their emails were deleted or being forwarded to the hackers. The problem was mostly due to unauthorized email inbox rules set up by the hacker. Please follow the steps below to check whether your mailbox has been injected with such malicious email inbox rules:
For HKU staff members, please proceed with the following steps:
- Please login HKU Outlook Web Access (https://hkucc1.hku.hk/owa) with your UID and password (which may be the new password provided by the CF-111 request).
- Please click on the Gear button and select “Options”.
- Please choose “organize email” from the left menu and select “Inbox rules”. If you find any rules which are NOT set up by you, please “TICK” the rules and click the “Trash” button to remove them.
- Please also check the missing emails from your “Deleted Items” or “RSS Feeds” folder on the left menu. Please move them all from the “Deleted Items” or “RSS Feeds” folder to your Inbox.
For HKU students, please proceed with the following steps:
- Please go to https://webmail.hku.hk, click “CONNECT.HKU.HK” and login with your HKU Portal UID and PIN.
- Please click the Gear button and select “See all settings”.
- Click “Filters and Blocked Addresses”. If you find any filtering rules which are NOT set up by you, please “TICK” the rules and click the “Delete” button to remove them.
- Click “Forwarding and POP/IMAP”. If you find any forwarding rules which are NOT set up by you, please click the radio button next to “Disable forwarding” and click “Save Changes” at the bottom of the page to disable all email forwarding.
- Remove email forwarding rules which are NOT set up by you by clicking the forwarding email addresses and click “Remove ”.