Event thread is sorted in reverse order, with the most current notice at the top of the thread and the original post at the bottom.
After consulting with our security vendor and Google to investigate the reported phishing message, evidence points to the spammer taking advantage of Gmail settings and not any user credential compromise.
IITS still recommend to folks who received the message to take the precautions previously noted in the orignal message.
Over the holiday weekend a spammer has been sending student Gmail accounts a phishing message noting that they had access to sensitive personal information and seeks payment in Bitcoin. The message starts off by stating "I am sorry to inform you that your device was compromised." IITS is advising students who receive this message to take no action to contact the scammer. IITS recommends that if you have not done so to change your password, turn on Gmail's two-factor authentication, and scan your devices for malware.
IITS Information Security personnel are investigating to determine the nature of phishing attack and updates will be posted here. If you see any suspicious messages, please do not open the email and forward it to firstname.lastname@example.org.