POSSIBLE ACCOUNT TAKEOVER in an Email Subject Line
If you get an email from the MAILER-DAEMON@johnshopkins.edu email address with the text "POSSIBLE ACCOUNT TAKEOVER" in the subject line, here's what you need to know:
This is an anti-phishing mail filter from the JHU mail system, albeit somewhat poorly-worded.
This email means that a different email to your JHU email address looked like a phishing email. The email message that triggered the alert will be attached to the email in a file named OriginalMessage.txt
.
It is important to note that the email does not mean that you account has been compromised. It means that someone tried to compromise your account by sending you a phishing email in the hopes that you would enter your account name and password into the attacker's website. As long as you have only used your password on official JHU and CS login websites and SSH hosts, your account should be safe. (If you are concerned that your account credentials may have been leaked, please see Changing Passwords On The CS Linux Systems for a CS account or Contacting JHU IT Support for a JHU account.)