‘Phishermen’ overseas hook NSU email

   Louisiana is no stranger to fishing as a sport or a hobby. However, Northwestern State University has recently been targeted by a different type of fishing, known as “phishing”.

   A phishing scam is a campaign that an individual or group puts together to acquire sensitive information, such as passwords and credit card details, by masquerading as a person or business in an apparently official electronic communication.

   “Most of these scams originate from overseas. These scams are global,” said Shawn Parr, Lead Information Administrator for NSU’s Information Technology Service. “The email addresses for the incident at NSU trace back to the Republic of Seychelles, off of the coast of Africa, and from mobile phones in Great Britain.”

   “There is always a ‘patient zero’, someone who falls for the original clickbait and puts in their credentials. In our case, student information,” Parr said. “From there, the account is compromised, and it is then used to ‘phish’ for more students.”

   NSU is not the only university reporting this scam. Ohio State University, among others, have all sent out warnings to their faculty and students, urging them to be careful when opening emails, accepting phone calls, and providing confidential information.

   On Aug. 24 and 25, NSU was hit by the first wave of the current phishing scam, through its Office 365 program.

   “Office 365 has spam protection, and it will detect when too many emails are being sent from one account. If it detects that an account is sending spam, it will block all emails sent from that account,” Parr said. “However, whoever launched this attack rotated email addresses, and even knew when we weren’t in the technology office. These attacks are becoming more and more sophisticated.”

   Ron Wright, Chief Information Officer at NSU, has been working diligently to prevent the further spread of these attacks.

   In a recent message to all students, he stressed to never “open attachments from unknown users, open unexpected attachments from known users, enter your username, password, social security number, student ID number, or any other personally identifiable information into a form presented within or from a link provided in an email message.

   “In the most recent attempt seen on campus, the scammer replied to messages in compromised mailboxes, increasing the chance that the user would follow the link, since it was seemingly sent from a fellow student or staff member,” Wright said. “Phishing emails have links to websites that almost identically imitate real websites, like myNSU. This is where the user is prompted to give their information.”

   “The university employs both hardware and software solutions to provide a high level of protection to our users. As a result, we filter thousands of spam messages, phishing attempts, and malware payloads each day. Due to the constantly evolving methods used, education is the best defense against these types of attacks,” Wright continued. “When accounts are identified as being compromised due to a phishing attempt, they are disabled until we are able to ensure that the user has been contacted and their passwords changed.” Remember, when in doubt – just delete it!

Anson Ballow

Share your thoughts