Credential Theft Explained

This is a common tactic used to steal your password.  Attackers will lure you into logging into a malicious website in an attempt to retrieve your user ID and password.  Often attackers will use invoices, document retrieval or phony IT notifications to coax users into logging into fake landing pages.  Falsified Office365 login pages are just one example.

How to identify account compromise

The following may indicate that your account has been compromised.  Notify your local helpdesk if:

  • You receive email "bouncebacks" or "undeliverable" messages from mail you don't remember sending
  • You can't send e-mail
  • You've stopped receiving e-mail
  • You have inbox rules for forwarding or redirecting mail that you don't recognize

How to avoid becoming a victim

  • Become familiar with VCCCD login URLs, and verify the link matches.
  • Hover a link before you click it.  Don't recognize it?  Don't click it.
  • VCCCD IT will never ask you for your password
    • If your account is compromised, we may change your password for you.  You can then use the portal's "forgot password" link

VCCCD Login Examples

Outlook Web Access (OWA)


Outlook Web Access

Microsoft Office365


Office 365

VCCCD Portal


VCCCD Portal