Some students and faculty have recently fallen victim to a surge in phishing scams, which can compromise private information stored on their St. Thomas email account.
”Phishing” is the term used to describe hackers that mimic reputable sources, like a St. Thomas email address, in order to gain access to information. The university’s Information Technology Services has been unable to pinpoint the exact source that initiated the recent surge in phishing incidents.
“I just woke up one morning and I had 4,500 unread emails that were all fraud,” said sophomore Emmelyn Affeldt. “I didn’t even realize that it had happened.”
Justin Klassen, a student employee at ITS, said he is not sure whether the phishers gained information from any of the accounts, but he believes chances are very high.
“The sole purpose behind the phishing is to collect information and use it for their own profit,” Klassen said. He added that clicking a link in a phishing email puts any accounts synced to a student email, such as bank information, at risk.
In some cases, the only way for ITS to combat this issue is to shut down entire email accounts.This leaves students without their account and resources, but the phishers no longer have access to the accounts, either.
One sign of a phishing email is a threatening subject line. Examples include: “Verify your information now or you will get logged out of your account,” and “Your password is expiring.”
The main way ITS works to mitigate these scams is through students forwarding what they might see as a fraudulent email to email@example.com.
Klassen advises that you refrain from attaching your school email account to information involving any bank accounts or private passwords.
“St.Thomas and ITS never ask for your username or ID. They also never send out emails saying your password is about to expire,” Klassen said.
Klassen emphasized that students and faculty should not open links in emails from unknown senders. ITS has been tweeting out examples of the fraudulent email subject lines so people know what to look out for.
“Whatever you do, do not click the link,” Klassen said.
Justine Bowe can be reached at firstname.lastname@example.org.