If your NetID password is stolen and your NetID is used to send email spam, there can be a number of warning signs:

• You start receiving large numbers of messages that were rejected by spam detection systems or returned due to bad addresses.
• You get complaints from people who think you sent them spam messages. (Note that this can also be the result of someone forging your email address, but not using your email account.)
• You find messages in your sent folder that you know you didn’t send. The spammer using your email account may not clear out copies of the messages that were sent.
• You are missing email that you saved or that you know was sent to you. Sometimes the person using your email account will delete all your stored messages so you don’t find copies of the spam emails that were sent out, or the rejection and complaint emails sent to you.
• You see unexplained changes to your Outlook Web Access (OWA) or Who I Am settings. The spammers may change the name that appears in messages sent from your account, the signature you add to the bottom of messages, or even how your email is routed.

Your email isn’t the only indication. Here are some other signs your NetID password may have been stolen:

• Your password stops working. Someone may have changed it, to stop you from resetting it yourself.
• You note unexpected changes to your personal university information (address, phone number, benefits, schedule, etc.).
• You suspect that one of your non-Cornell online accounts (at a bank, store, blog, etc.) may have been compromised. Any compromise could potentially put your NetID password at risk, especially if you use your NetID password for that service (a bad practice).