MSU spokesman Jason Cody said it’s difficult to keep MSU emails from receiving spam because the university is public and has a public directory. Email addresses can be found online in the MSU directory if a student hasn’t restricted their personal information.
Restricting personal information is something freshmen are specifically given the option to do, Cody said, but every student and faculty member can make the decision at any time so their email address, phone number and street address are not listed in the public directory.
The sheer size of MSU gives people intent on committing cyber crime plenty of opportunities to do so. The more a student uses MSU email, the more it gets out on the Internet.
“There are thousands of servers operating on MSU’s computer network and over 100,000 active devices registered on the network,” Cody said. “All the tools people have — cell phones, laptops, tablets — are connected as well. (These) are all opportunities for someone to try to do something nefarious.”
Every month there are 600,000 attempted network intrusions on MSU’s network. That is not to say there are hundreds of thousands of people attempting to commit cyber crimes. Many of these attempts are automated and MSU’s network security is able to shut out the majority of them with antivirus software and IT support.
MSU police Sgt. Florene McGlothian-Taylor said she isn’t sure why students fall for Internet scams, but information on protecting oneself online can be found on the MSU police website.
Some of the tips from the site include using strong passwords, knowing about copyright and illegal file sharing risks and recognizing what phishing scams look like.
Officials said reporting fraudulent emails to MSU police is one the best courses of action to take.
As the Internet has progressed, so has the sophistication of fraudulent practices online. Spam emails are no longer simple messages promising a cash sum from a different country, they are legitimate looking emails with recognizable letterheads from companies people use, Cody said.
“The people perpetrating these crimes are getting better at it. The emails look real,” Cody said.
Any email asking for personal information is a red flag, even if the email looks to be from a recognized bank or company. The legitimate companies never ask for social security numbers, personal identification numbers or bank account numbers. Calling the bank or company to verify it isn’t requesting information is one form of defense. It also alerts the companies to what is happening.
Students should not open emails that appear fraudulent, Cody said. Many spam emails download malware or other viruses when a person opens the email.
The best course of action is to simply delete the message.
If personal information is compromised online, MSU police have detectives who specifically work in computer forensics. They are able to team-up with IT staff to investigate cyber crimes and can try to trace the email to discover the culprit.
Cody said having those detectives at the police department is key because cyber crime is growing everywhere.
“I think that too often people aren’t as diligent in the digital online world as they are in the physical world,” Cody said.
MSU IT services deferred requests for comment to Cody.
Music education senior Elizabeth Kotnik said she doesn’t receive spam emails often. When she does get them, she doesn’t pay attention to them.
“I just delete them,” she said.
