Skip to main content

Bee Active: Report suspicious activity

Bee Active Hero: Woman looking questioningly at laptop

Has your computer ever made you feel like something was off? It could be that one application is running slower than the rest of your computer. Or perhaps an email was filtered to a separate folder using a rule you didn't set up. If something seems suspicious or off, this could be a sign of a cybersecurity issue. Bee active and report the suspicious activity right away. It is better to be safe than sorry.



Did you know Yale has an obligation to report certain security incidents to authorities? And the regulatory clock starts ticking when YOU discover the issue.

Bee active and report suspicious activity right away!

Any suspected security incidents must be immediately reported to the Information Security Office (ISO), especially if you work with HIPAA-covered data.

As soon as you notice an event that causes concern:

  • Contact and provide details.
  • For significant incidents, the Chief Information Security Officer (CISO) will be notified and you will be given instructions on how to proceed.
  • Follow instructions carefully and don’t take any action unless explicitly told to do so by the CISO or designate.

If you're worried about embarrassment or attribution, don't be! The members of the ISO team aren't finger-pointers or your sheriffs. They're your partners in being good stewards of Yale's data and systems.

Mobile device with malware graphic and magnifying glass

What should you look out for?

A security incident can take many forms and cybercriminals are always coming up with new ways to exploit our systems. In fact, Yale has many minor incidents every day and most are quickly resolved with little fanfare.

In order to report suspicious activity, we need to know what to look for. Here are a few common events that might indicate your device has been compromised:

  • Ransomware messages appearing
  • Clicking on a phishing message
  • Missing or unfamiliar files
  • Changes to your device settings or applications
  • Frequent device crashes
  • Devices working unusually slow
  • Browsers (e.g. Internet Explorer, Google Chrome) lagging or redirecting to unexpected sites
  • Changes to your browser homepage or toolbar

Ultimately, we should report any event that causes us to believe something may be amiss.

The Dos and Don'ts of reporting an incident


  • Go with your gut. If something seems suspicious, it could be malicious.
  • Act quickly and report suspicious activity to the ISO right away. Even if it ends up being nothing, it is better to be safe than sorry.
  • Follow directions from the ISO after you report the incident.
  • Report any suspicious or unexpected emails. This can be as easy as pressing a button. Learn how to report phishing emails based on which email application you use.


  • Hesitate to report suspicious activity.
  • Be embarrassed or worried about blame.
  • Talk about the incident with others outside of ISO.
  • Say breach. A breach can only be declared by Yale's Office of General Counsel.
  • Respond to suspicious emails or open any unexpected links or attachments.

Find out more!

Visit our Report an Incident page for information on:

  • Reporting a security incident
  • Reporting a lost or stolen device
  • Reporting a phishing message