Skip to Top NavigationSkip to ContentSkip to Footer

Mailsploit Email Scam

There is a new email exploit called Mailsploit that is used to spoof the sender of an email. The sender can spoof who they are, making the recipient less suspicious of the email they received.  This issue has affected more than 30 email applications, including Apple Mail for macOS, iOS, and watchOS, Mozilla Thunderbird, Yahoo Mail for iOS and Android, Microsoft Outlook 2016, and Mail for Windows 10 among others.

Exploits like this are a good reminder to verify who is sending you an email before you click on links within the email, before you open any attachments from the email, and before you send them any kind of reply. If using a software installed on your device for email, ensure it is the latest version.

For faculty and staff, remember to look for the *EXT* in the subject line. If you receive a suspicious email you can use the “Report Suspected Phishing” button enabled through Office 365. The button enables you to report an email as phishing to IT Security. We will then review the email and contact you. Directions for this can be found here:

Report Suspected Phishing

Mailsploit lets hackers forge perfect email spoofs
Mailsploit: New email exploit could permit sender spoofing