Email, phishing, credentials
July 1, 2025
University Technology Services has become aware of an increasingly common tactic among malicious actors to gain control of legitimate email accounts in order to conduct phishing campaigns directed at other targets. Oakland University email accounts, for example, might be hacked in order to send seemingly legitimate emails to recipients at other institutions and ultimately gain access to sensitive information.
With this tactic comes a greatly increased need to be aware of phishing email attempts, and – most importantly – to avoid disclosing email and other account credentials. Failure to do so could lead to individual email accounts or institutional email – such as any account ending in @oakland.edu, for example – being blocked from acceptance at various institutions.
Any Oakland University faculty or staff member who learns that their email messages have been rejected by particular institutions should report this to https://support.oakland.edu.
Faculty and staff who have not yet done so are also strongly encouraged to complete SANS training to increase their awareness of a host of data security threats and how to avoid becoming victim to them. The training platform in scheduled for an update in July and additional information will be provided to the campus community as it becomes available.