By Kristen Miller
Many Eastern students, faculty and staff received an e-mail Jan. 20 from Eastern asking them to confirm their EKU account information. It stated if they didn’t do so, their account would be shut down. Not long after the message circulated, another e-mail was sent to Eastern’s campus from the Information Technology department. IT’s message warned of a bogus e-mail that pretended to be Eastern asking for account information.
The first message sent was not from Eastern and is what IT calls a “phishing SPAM” message.
So what exactly is phishing?
According to IT’s Web site, phishing isn’t just “bogus” e-mails but can also be fake Web sites that circulate in order to gain private information from individuals accounts.
“Phishing is very common, not just on college campuses, but everywhere,” said IT Director Ed Riley. “Criminals are attempting to get accounts to perform illegal activities. More and more phishing, virus, spam and spyware activities are controlled by organized crimes.”
These criminals create fake accounts in order to gain others’ account information, according to the IT Web site.
Many of the e-mails may have logos attached to them that make individuals think what they are getting is legitimate.
IT’s Web site lists sites such as Paypal and eBay that may be used for Phishing.
“Everyone needs to be aware of phishing and what to look for,” Riley said.
Some ways for students to recognize phishing e-mails are to look for generic greetings that do not use a first or last name, according to the Web site.
Also, many fake e-mails might make a response seem urgent, such as the e-mail that went out to Eastern students.
Fake links or e-mails that appear as Web sites and attachments are just a few other warning signs to look out, which are possible red flags for phishing
According to Riley, there were about 100 Eastern e-mails that were affected by the fake message that went out to the school, Riley said.
“I decided that we (IT) should send a warning because someone could think that it came from IT,” he said.
He said messages sent from IT will never ask for someone’s ID number or their password by e-mail.
To protect e-mail from phishing e-mails, Riley suggests putting their filtering aggressiveness on a stricter setting.
“This service traps suspected e-mail destined for your inbox,” Riley said. Students, faculty and staff can go into this at any time and adjust the filter, or review messages that may have been flagged to see if they are actually a threat.
And one of the easiest way to protect yourself is to never give out personal information, especially over the Internet.
Also, never provide a password or a PIN number to a request online.
For more information on phishing, ways to recognize it and ways to protect yourself against these fake e-mails, visit IT’s Web site at http://www.itds.eku.edu/email/.