UIT Alert: Undeliverable Mail Messages

Current Status

ResolvedUIT Security Alert: Undeliverable Mail Message problem continues.

Affected Services

  • Email (Exchange)
  • Email (mail.uh.edu)

Event Updates

IssueUIT Security Alert: Undeliverable Mail Messages
February 21, 2013 , 11:00 AM

Issue: Many campus users are reporting receipt of mail notices reporting undeliverable e-mail messages.  These messages may have subject lines such as “Delivery Error Report”, “Undeliverable Mail”, etc and may have links or attachments.  These notices imply that the user has sent messages they are not aware of to unknown recipients.  Many users are concerned that these messages represent that their email account and/or computer has been compromised.

 In these cases, the user’s email address was most likely “spoofed” – an action where the sender’s address on the messages is altered to  appear as though the message originated from a different source.  The user’s account was not used to distribute the message, although the message was made to seem that way which is why the user received the delivery error notification.  Spoofing is usually done by the same people who also send out spam messages.

 What UH is Doing:  Where possible we are identifying the source of these messages and working with ISPs to stop them.  We are also working to ensure that messages are flagged as spam (***SPAM***) as appropriate.

 What You Should Do – Recommended User Actions: 

*Do not click on any links or open any attachments associated with the message.  Delete the message.

*Make sure your computer is kept current with all of the latest software patches and anti-virus updates. 

*If you have additional concerns that your computer may be compromised, follow-up with your local IT support and/or IT Security.

ResolvedUIT Security Alert: Undeliverable Mail Message problem continues.
March 13, 2013 , 4:35 PM

For details, see information for this issue from February 21, 2013. 

What UH is Doing: UIT continues to work with ISP’s to stop spoofing, and continues to flag spam (***SPAM***) messages as appropriate.

What You Should Do – Recommended User Actions:

*Do not click on any links or open any attachments associated with the message.  Delete the message.

*Make sure your computer is kept current with all of the latest software patches and anti-virus updates.

*If you have additional concerns that your computer may be compromised, follow-up with your local IT support and/or IT Security.”