Alerts Phishing

InfoSec Alert: Email Attacks

Increase in Email Attacks

The Office of Information Security has received increased reports of phishing attacks with the sole purpose of stealing and using login credentials to access University email accounts. When the attackers gain access to an email account, they can download the contents of the mailbox and/or send out spam in an attempt to compromise other accounts in your contact list.

Over the coming weeks, the university is going to make some changes to how email is accessed. Outlook on the web and the Outlook mail client that supports multi-factor authentication using DUO will be the approved methods for accessing university email. All other methods will be reviewed and disabled from connecting to our email service.

An additional change will be the placement of a banner (pictured below) on messages that originate outside the university.

This banner will appear in the first line of the message body, stating that the email originated from outside the university. The banner will be a visual reminder that a message is not from a Washington University account, and links or requests for information should be evaluated with additional caution.

If you have any questions or additional information, please reach out to us directly at infosec@wustl.edu.

Additional Resources

Information about phishing
Setting up email in Outlook

Recent posts about phishing

Phishing Alert: Fraudulent Student Job Offer
Free Gift Phishing Scam
External Email Notification Helps Identify Phishes