The phishing phenomenon has returned with a vengeance this semester. And this time, scam emails have become increasingly sophisticated.
Students’ email inboxes have been inundated with emails with subject headers meant to blend in with typically received emails. These headers include things such as “Watch this…” or “Tomorrow’s class meeting in JVH!”, complete with a link in the message. While many students and faculty members choose to ignore these opening these emails to begin with, there are some who fall prey to the scam.
Sophomore screenwriting major Ian Thompson was briefly affected by a phishing attack when he opened what looked to be an important email.
“It took me to a new page where there was an error and it didn’t open,” Thompson said. “It was like one of those virus threat alerts that pop up when you use illegal video sites.”
According to IT Director Tim Wilson, the consequences of these attacks can be varied.
“Most of the time user credentials are compromised,” Wilson said. “This information can be used in a number of ways from attempting to infect the machine with malware or a virus to using the account for sending out other spam messages.”
Senior public relations and advertising major Rachel Gates receives phishing emails in her inbox but hasn’t been affected by any yet.
“A lot of them just go straight into my junk mail,” Gates said. “But yeah they’re just super annoying and just obnoxious.”
The method Gates uses to filter out phishing emails mostly boils down to common sense.
“I think that if you know what to look for, they’re sort of in a similar format,” Gates said. “But if you’re just not paying attention and you’re going through quick, I think it’s pretty easy to click on it.”
While IT has no filter solution as of yet to completely block out phishing emails, especially as they become more advanced, Wilson’s tip to students, staff and faculty rings similar to Gates’.
“My best advice is to go back and remember what your parents told you, if it sounds too good to be true, it probably is,” Wilson said. “I just add ‘Don’t click on it!’…hey, we can learn things from our parents.”
Wilson also stated that IT has tested a two-factor identification system and introduced it to faculty and staff with plans to soon turn it on for students in hopes that will solve some of the phishing issues.
As of right now, IT has been sending general email messages to faculty and staff about phishing attacks and sends out emails about phishing to students “when appropriate”.
For students affected by a phishing attack, they should go to the IT Help Desk to assess the damage.
“I spoke to IT and they reset my password so it couldn’t be used anymore,” Thompson said. “I just don’t want anyone else to have to deal with this.”