In the recent past, Illinois State has been targeted by phishing scam emails.
These phishing emails instruct you to reply and include your user name and password. They typically say something like this: "Failure to do this will immediately render your email address deactivated from our database."
For more information on these phishing emails, refer to 1364: How to recognize phishing emails targeting Illinois State University.
You Sent Your Password in Email
When you replied to a phishing email with your user name and password, you sent that information to a phishing spammer. The spammer now has access to your account. This is called a "compromised account."
Spam is Sent From Your Account
Once the phishing spammer gains access to your account, he or she logs in to RedbirdMail and uses your account to send more spam. Hundreds or thousands of spam messages might be sent from your email account.
Compromised Account Detection
The mail server detects compromised email accounts, such as those being used by phishing spammers. If your account has been compromised by a phishing scam, action will be taken to secure your account.
Action Taken on Your Account
First, you will lose access to email. To regain access, you must change your password. After changing your password, log in to email. You will see an email notification which discusses your compromised account and includes important information on how to resolve the problem.