Responding to Potential Workstation Malware Infections

This page is about common problems you may experience on your workstation. In short, be very careful about any offers or notices randomly popping up on your computer asking you to surf to some random website, change your password or get help.  You might be encountering a malicious website or your computer may be infected with malware.  Stop before clicking or entering your credentials and think about the following:

  • Were you expecting to see this pop-up and link?  If not, don't click! 
  • Are you repeatedly getting unwanted pop-ups telling you that you have a problem with a piece of software, your computer is running slow, or there is some other problem with your computer? Avoid these!
  • Have you been randomly offered technician help by a web browser pop-up?  Don't take this help!  Also, never let someone remote into your computer unless you have personally contacted the vendor (called their support number, or gone to their website by personally typing in the vendor URL (e.g., https://support.microsoft.com/).  
  • If you are asked to enter your credentials or change your password from a pop-up or random website, don't! 
  • If you are enrolled in multi-factor authentication, and are using the Microsoft Authenticator App, do not click on Approve unless you are expecting to authenticate.  Otherwise, you may be authenticating someone who has stolen your password.  
  • Are you seeing any of these behaviors repeatedly?  If so, you device may be infected with malware.   

If you see these problems, you have a few actions to consider.  If you are using a University provided computer, contact the ATUS Help Desk. You can discuss the problem with them and they will run the necessary tests to determine why you see a behavior. If you are running your own system, we suggest you use your antivirus/malware prevention software to scan your system and seek help from your computer or application vendor. 

If there is any doubt your credentials may be stolen, try changing your password from a different device.  Hopefully, the second device is free from malware.  Using one of the University lab computers is always a good idea. You may have spyware on the device where you are seeing the suspicious behaviors.