UNF ITS department alerts students, faculty of an increase in phishing emails

Spinnaker

By: Rebecca Hoart, Contributing Writer

 

Source: unf.edu

The UNF Information Technology Services department issued students, faculty and staff an email phishing warning in the Jan. 11 Osprey Update.

Phishing is any attempt to deceive a person into giving personal information with the intent to use it illegally, according to the U.S. Computer Emergency Readiness Team website.

“I’ve heard of phishing, it’s like those emails you get that say, ‘You have to see this: funniest video ever,’” said Nathan Baxley, a UNF English junior.

While those emails can contain hidden viruses, phishing emails lure the recipient to disclose personal information in an attempt to gain access to financial accounts.

In late Dec. 2011, unknown hackers illegally obtained a UNF email list and sent phishing emails to the addresses in an attempt to obtain personal information, according to UNF Director of Information Technology Services Jeff Durfee. Multiple UNF ITS staff members, including Durfee, refused to comment on how the hackers obtained the list, for security reasons.

Durfee said this was unrelated to the Sep. 2010 incident in which hackers stole the personal information of 106,884 UNF students, alumni and applicants.

“We get [phishing emails] all the time, but there was a notable increase in the volume we were receiving,” Durfee said. “We don’t keep count, but we were getting thousands of phishing emails within a short time period.”

Of all the phishing scams reported to the ITS department, five people responded to the emails and had their accounts compromised.

Baxter said he deletes anything he doesn’t recognize in his inbox. He said he is aware of the dangers unsolicited emails could contain.

“When I had a Facebook account I got a lot more [phishing messages] than I do now,” he said.

Phishing emails range from amateur to professional in design. Some could appear to be sent by a bank with a logo and a link that takes the recipient to the actual bank website. However, the user will eventually be asked to enter his or her account credentials in a compromised space, Durfee said.

Phishing has evolved into a highly organized criminal venture that brings in considerable amounts of money. Most operations are located in foreign countries and target the United States, far from the reaches of American law enforcement, according to an official report on phishing at the U.S. Department of Justice website.

People who send these emails are professionals who work on volume, Durfee said. They send out millions of emails asking for accounts to be updated, threatening account closure and any manner of scheme to get account login information. Durfee said they are after money, and one response can give them all they need to empty a bank account.

UNF uses email to communicate with students, faculty and staff. Departments may use email more often than snail mail or telephone to communicate.

“Email is our main form of communication with students concerning their accounts,” said UNF Cashier’s Office Head Cashier Heather Strange.

Strange said she has yet to hear of any phishing attempts that posed as the UNF Cashier’s Office.

There isn’t much that can be done to prevent getting the emails, but knowing what to look for and how to avoid becoming a victim of phishing is a matter of awareness, Durfee said. He said legitimate institutions will never ask for passwords or personal information in an email.

“If you get an email from your bank alerting you of an issue, contact your bank directly,” Durfee said. “Never respond to an email that provides a link. You have no way of knowing where that link will actually take you.”

Durfee said he recommends deleting emails that look unfamiliar. He also suggests a critical approach when viewing unsolicited email.

“I will stress this as much as possible,” Durfee said, “don’t respond to emails that ask for personal information.”

Email Rebecca Hoart at [email protected]

 

The UNF Information Technology Services website offers an extensive amount of phishing and spam e-mail information. The site includes examples of phishing scam attempts and tips on how to protect yourself. Go to unf.edu/anf/its/security/Phishing.aspx for more information.

 

Check out this animated digital short about the article you’ve just read. It was created by students in the Applied Journalism class at UNF.