The Office of Information Technology alerted Duke WebMail users Saturday about a series of bogus e-mails being sent to various Duke mail accounts since Friday night.
The e-mails requested users' WebMail passwords in order to verify their accounts.
"These e-mails are referred to as 'phishing' scams and they attempt to get you to enter private information so the attackers can gain access to your e-mail account and other accounts or services," reads the e-mail from OIT, sent around 2:30 p.m. Saturday.
OIT personnel hoped to respond to the attacks by the end of the day Saturday, according to the alert, but their progress could not be confirmed, as Duke IT staff could not be reached for comment Monday.
In a copy of a fake e-mail obtained by The Chronicle, recipients are asked to verify their Duke WebMail account or risk deactivation of their accounts.
"To complete your Account Verification process, you are to reply to this message and enter your password in the space provided (********), you are required to do this before the next 48 hrs of receipt of this e-mail, or your WebMail Account will be deactivated and erased from our data base," the e-mail reads.
The e-mail is signed "Duke WebMail Team."
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.