Don't share your NetID and password with anyone, not even your parents or your Admins.
Use a different password for each online account you have.
Accounts can be compromised several ways: virus infection, phishing, weak passwords and sharing passwords.
Duke’s IT Security Office monitors logs for suspicious activity on accounts, looking for unusual log-in patterns. If suspicious activity is found, they will lock the account. The user will then have to call the OIT Service Desk to pass a credential check and have the account unlocked.
To minimize your risk of a compromised account, check your online account regularly, change your password regularly, and use different passwords for your online accounts.