Phishing attacks continue to plague campus
By Konye Obaji Ori | Staff Writer
“I logged onto Zimbra and had an e-mail saying that my inbox was at capacity and to change the settings and that I should follow the IT department link in the e-mail in order to send a request,” Junior Hillary Wenning said. “It sounded legitimate, though I only had about six e-mails in my inbox at the time, so I should have known better. Little did I know—it was a phishing hoax.”
Financial or personal information theft, password theft and cyber virus attacks have become issues of concern at UIndy, as students and staff continue to respond to internet hoax e-mails commonly known as phishing.
“We still have students and staff calling the Help Desk, complaining that their inbox messages have been wiped out, or they have viruses in their computers, or their Zimbra accounts have been blocked. This is because they have responded to a phishing e-mail,” said Patrinah Ahmad, Information Systems technical support manager.
According to Michelle Duman, director of client services Information Systems, these anonymous scammers phish for personal financial information like credit card numbers or bank account numbers, with the intention of accessing these accounts and either stealing money directly or purchasing items at your expense. However,usernames and passwords are just as valuable. When they obtain this information they can send spam through the compromised account.
“In order to do that, they need e-mail accounts that are not blocked by blacklisting agencies—accounts like yours and mine,” Duman said.
While some of these hoax messages are obvious to most people, some of the messages are becoming well-written and look legitimate, except for very small clues.
Because the scammers now target university domains, Information Systems, as part of National Cyber Security Awareness Month, distributed fliers, posters and postcards to the campus to raise awareness.
“We can never prevent phishers from phishing, so awareness is our most important tool,” said Jeff Russell, chief information officer. “These hoax e-mails are coming, so the UIndy community must be aware.”
Despite the awareness on phishing attempts, password and information theft are not the only internet security issues the UIndy community has to worry about. According to Duman, other e-mail based threats still exist.
“I lost access to my e-mail,” Wenning said. “The phishers, according to the IT people, changed my “reply to” address and adjusted a few other settings and took control of my account.”