Phishing emails flood student inboxes: IT dept. responds

October 13th, 2011

Throughout the past several weeks, students at John Carroll University have received several warning messages about scam emails, known as phishing messages. Messages like these from unreliable sources are known by many to be dangerous and therefore not to be clicked, but what exactly are they?

Michael Bestul, JCU’s chief information officer of ITS, and James Burke, the associate CIO, said phishing emails are scam messages disguised as being from legitimate sources. They are sent by hackers who seek to obtain people’s personal information and passwords in order to hack into their email, credit and banking accounts.

Phishing is a form of spamming, but it is different because it seeks to steal from and hijack accounts of those it is sent to. Since phishing is often national or international, it can be considered a federal offense with serious consequences. The last phishing message halted by the ITS came all the way from Hong Kong.

Due to the size of their networked communities, universities are common targets for phishing messages since thousands of messages are sent daily.

“We have big servers and can be a launch pad to sending out these messages,” Burke said.

John Carroll is a large system in which these emails can go through without being detected. In smaller systems with less email activity, the phishing messages can be detected more easily and quickly weeded out.

“[At JCU,] most of the phishing right now is geared to get email accounts from us, but then typically what they’re doing with those is turning around and trying to get account information,” said Burke.

Many people use the same usernames and passwords for different accounts, so if a hacker gets a hold of one, they can manipulate multiple accounts. These hackers primarily target bank and credit card accounts, so the effects can be devastating to the victims.

Phishing messages are often received by individuals at random, rather than large groups all at once. Those who send the phishing messages do not have access to JCU’s email list, so instead they send the messages to addresses they manage to find on the internet.

To handle the situation here on campus, ITS is warning students and faculty as well as using their filtering systems.

“We do have defensive mechanisms in place,” said Bestul. “Not only the anti-spam filtering, which catches a lot of [the phishing emails] before they even get to us, but we also have an artificial limit on how many emails any one user can send out.”

“In one hour, you can only send 50 messages,” added Burke. This policy limits the spread of any types of potentially harmful emails should they slip through the filters. Faculty and administration on campus can receive exceptions and have distribution lists created in order to communicate with large masses of students.

The tech center has the capability to block messages from certain addresses, but “[the phishing messages] move constantly, so for us to block an address is almost pointless,” said Burke.

Ironically, Bestul and Burke said they haven’t received any calls about students being affected by the messages, but rather warnings about the messages from others so the ITS can block them and take appropriate preventative measures.

Bestul said, “First of all, don’t respond to [the phishing emails]. If for any reason you did, the next thing to do is to go and start changing passwords.”

According to Burke and Bestul, faculty and students at JCU have gotten a lot better at identifying and avoiding responding to phishing messages over the past few years.

It is extremely important to keep personal account information and passwords confidential unless requested by reliable sources. Email is an easy way for hackers to get people to give away vital information. Bestul said ITS promises to never ask for account information, passwords, and personal information via email.