Hackers attack campus emails
January 17, 2018
Students and staff alike clicked the links in the phishing emails that were sent out last semester. As a result, the victims were left freaked out and stressed.
Phishing is the fraudulent practice of sending emails that claim something bad will happen unless the recipient acts immediately, scamming people into giving out personal and private information.
John Dunning, chief information officer, said that there have been a number of phishing occurrences in the past, but the one in the fall was particularly bad.
“This one was particularly bad in a couple respects,” said Dunning. “Number one, they used an account inside Wayne State to do the phishing, so we had a couple of students whose accounts were compromised.”
Brandon Eckmann, NATS IT lead, said that there had been a phishing email sent after Thanksgiving that compromised a student’s email and used it for the phishing attacks.
“We actually got a notice from the University of Nebraska that said they had detected this phishing email because it originated from their campus, and they said that some people on (our) campus had received it,” said Eckmann.
Dunning said the accounts were used to initiate the phishing attempt, creating more of a complication because the protections meant to shield students and staff from phishing are set up at the edge of the email system.
“We had just under 100 people actually contact us and say ‘Hey, I think I’ve done it. What do I do?’” said Dunning.
Dunning said that even though he did not know the exact number of people who answered the email in the fall, he was aware that there were over 300 password resets during the scam.
“There’s also a feature that, when an email comes from the outside, it security checks any URLs that are in that email, and helps us to make sure that we are only going to places we know are safe,” said Dunning.
He said the security checks aren’t foolproof, but they do help.
“Once you’re inside, those protections are no longer valid,” said Dunning. “So you’re inside the system. You have full access to the address book, and you’re sort of inside the gates of the castle, and that makes it a little more challenging for us.”
“We contract with a company called Barracuda to do spam filtering at the edge of the network,” said Dunning.
He said that there are two ways that Barracuda detects spam. One way is the cloud, where campus emails go first. The second is when the spam is on campus.
“There were two (phishing attacks) last semester, sort of within the same week,” said Dunning. “We found out about the first one in about 30 minutes.”
Dunning said they were also able to get a warning email out within those 30 minutes. He said that he first found out about it by receiving an email from a colleague saying it seemed as though the campus was getting phished.
“Within about five minutes we had a team of people assembled, and we were looking at ‘where is this coming from’ and ‘let’s disable the account that’s sending it,’” said Dunning.
He said that there were people who called in for help, but the majority of people just changed their passwords.
“On the second round, we were on it in about seven minutes,” said Dunning. “And we had the account disabled almost immediately.”
He said there were still about 80 people who answered the email the second time around.
“We are actually looking at implementing inter-organizational email scanning,” said Eckmann. “Meaning that emails sent back and forth amongst people within Wayne State will also be scanned for things like spam and phishing attempts.”
He said the best way to detect fraudulent emails is for recipients to look at the URL when they are brought to the webpage. A URL and a webpage that show different things are a flag that the page is not legitimate.
“It just goes to show that you can’t be too careful online,” said junior Sean Dunn. “Anybody with the right tools can and just might take your information to use to their own benefit.”