If you fall victim to a phishing attack, you should take the following steps to ensure that your account is secure.
Change your password
If your account is still accessible, change your password as soon as possible. The longer someone has your credentials, the more harm they can cause.
Mark the message as junk
If you still have the phishing message, mark it as junk. Right-click on the message and select "Mark as junk".
Check your signatures
In an attempt to phish additional victims, attackers may add links to your email signature.
Check your forwarding rules
Some attackers may set your account to automatically forward all email to an account they control. Check to make sure that your emails are not being forwarded to another address.
Check your filters
Attackers may add filters to hide their activity from the account owner. Check to make sure that no new inbox rules have been created.
If you provided any personal information when responding to a phishing message, you may be at risk of identity theft. Please visit the Security Awareness site for more information on recovering from identity theft.
Check for sending block
After a successful phishing attempt Microsoft may have blocked your account from sending to email accounts other than W-Exchange (Gmail, AOL, Yahoo, etc…). You can test this by sending a test email to your personal email account, if your W-Exchange account is blocked you will receive an email from Microsoft stating so. If this is the case please respond to the email you received in regards to this incident, generally from email@example.com, or call the Help Desk at (269) 387-4357 option 1.