William & Mary

Be Cautious about Phishing


Recent phishing attempts have tricked people into providing their W&M credentials causing W&M to be blacklisted from email servers.

Full Description

We have been experiencing several issues with email due to users supplying their WMuserid and Password in recent phishing attacks.  Some of the attacks were more sophisticated than usual because they included W&M logos and branding.  They asked you to sign into a web page that also mimicked a W&M site or offered bogus W&M services.  Logging-in to that site supplied the attackers with W&M credentials and turned compromised W&M accounts into spam-bots.

For that reason, W&M email was "blacklisted" by mail servers all over the world and the messages you send may be rejected. Engineers have done what they can to quarantine the dangerous emails and prevent additional phishing attempts, however, if you have email forwarded to a non-W&M account (Gmail, Yahoo, etc.) the forwarded emails are still active and unaffected by our preventative measures.  They will continue to cause problems.   Engineers are also working to remove W&M from the various blacklists, however, their efforts are hampered as users continue to respond to these phishing attempts.

If you identify a phishing email, forward it immediately to [[abuse]].  The quicker a phish is reported, the quicker IT Engineers can act to quarantine it.  If you responded to a phishing email, please reset your password immediately!

More information about phishing