Important security advisory–Unexpected confirmation emails


SUMMARY: U-M community members have reported receiving unexpected confirmation emails from email newsletters and listservs for which they did not subscribe.

IA screenshot of notification

PROBLEM: U-M email addresses are generally publicly available, and anyone can use a publicly available email to sign someone else up for a mailing list or listserv. Many mailing lists generate a confirmation email to the email address used to sign up. These confirmation messages are what U-M community members are receiving.

ACTION ITEMS FOR OWNERS OF UMICH EMAIL ACCOUNTS: The best course of action is to not respond to these unwanted confirmation emails. Instead, do the following in U-M Gmail:

  1. Click on the email in your inbox

  2. Go to the More menu (3 dots in the upper right corner of the email) and left click.

  1. Select Block. You may get a prompt (see image top left).

block screen
  1. If you see this second prompt, select Block (see bottom image left) to mark future messages from the sender as Spam.

In general, the best protection is to not click suspicious links in email. Do not open shared documents or email attachments unless you are expecting them and trust the person who sent them. For more information, see Phishing & Suspicious Email on the U-M Safe Computing website.

QUESTIONS, CONCERNS, REPORTS: Please contact ITS Information Assurance through the ITS Service Center.