When a phony e-mail asking for user passwords filtered across the MSU Webmail system June 1, the MSU Academic Technology Services team knew they had to deal with a problem.
Phishing attacks, or attempts to fraudulently gain the personal information of students, faculty and staff, are reported to the ATS team about two to three times per week, and the numbers seem to be increasing, said Katherine Ball, ATS communications manager.
The team is considering making spam separation the default option for the new Webmail system to be released this fall.
“There is talk of making it the default option with more and more instances, and it might be in the best interests for now,” Ball said. “Whatever we become aware of we block right away.”
She said fraudulent e-mails commonly ask for personal information, such as credit card numbers and account passwords, and contain an immediate tone.
“A lot of it is the language and the tone — if they immediately ask for your information, that should be a sign,” Ball said.
Richard Enbody, associate professor of computer science and engineering, said the cons are becoming more sophisticated as technology improves.
“This kind of attack has been around for years, and it’s not necessarily increasing in intensity, but in quality,” Enbody said.
“They can make their page look exactly the same as the MSU (Federal) Credit Union page, for example.”
Robert LaRose, professor of telecommunication, information studies and media, said users should never click on the link.
“If there’s a URL given, independently verify it,” LaRose said. “The other way is to Google the name of the organization they’re from and contact them directly.”
Support student media! Please consider donating to The State News and help fund the future of journalism.
