疑似異常使用 gapp 服務，暫停coco0514@gapp 信箱帳號

主旨：經 google 通知 coco0514@gapp 帳號疑似有異常行為，故暫停使用，詳說明。

說明：

1. 依據「國立清華大學 計算機與通訊中心 Google Apps for Education 服務使用規範」第五條規定辦理。
2. 請依 google 訊息內容建議，提高您的信箱安全，如執行兩階段驗證等。

計算機與通訊中心
網路系統組 敬啟

User accounts from your domain might have been compromised.
10月7日

The following is an automated security notification from Google about your 
domain accounts.

It has come to our attention that some of your user accounts from your 
domain: gapp.nthu.edu.tw might have been compromised.

The following users in your Google Apps domain appear to be affected:

coco0514@gapp.nthu.edu.tw

We have disabled the users in a way that they can be recovered by the admin. 
Please follow the actions below in order to secure these users.

ACTIONS REQUIRED

 

1. To reset the user's password, follow the steps in this Help Center article:
https://support.google.com/a/answer/33319?hl=en

Inform the user of their new temporary password, and ask them to set a new
 password. (It should not be a password used with any other sites.)  

 

2. To help check whether their account might have been compromised, advise 
users to:
    Check for filters and forwarding rules so that email is not being 
forwarded to suspect addresses.
    Check to make sure their signature has not been changed.

 

BEST PRACTICES FOR SECURITY

 

As an administrator, you may also consider implementing additional security
 features for your Google Apps domain:

 

1. Enrolling your domain in 2-step verification, which offers an additional
 layer of user authentication:
 https://support.google.com/a/answer/175197?hl=en

2. Completing the Gmail Security Checklist:
 https://support.google.com/mail/checklist/2986618?hl=en&rd=1

Additional information about the activity of affected user accounts can be 
obtained by using the Audit API:
https://developers.google.com/admin-sdk/email-audit/?csw=1

 

Sincerely,

The Google Apps Team