If a phishing/spam message originates from an internal, compromised SF State account, SF State should be notified. Compromised SF State accounts can only be resolved by SF State. Microsoft spam filtering does not scan messages sent from one SF State Exchange account to another.
Please report compromised SF State accounts to the ITS Service Desk so we can stop the phishing message distribution as quickly as possible. To report compromised SF State accounts, forward a copy of the message to firstname.lastname@example.org or use the Report Spam and Phishing process. Some messages that look like they are from an internal account are really spoofed messages sent using an external email account. This can only be identified from the message header and the ITS Service Desk can assist in identifying the spoofed messages.