Internet hackers 'phish' in University's open waters
Have you received an e-mail from “the University” lately requesting your username, e-mail and password?
“ITS will never ask you for your username and password. No one ever should,” Manager of Network Services at ITS Adrian Morling said.
These communications are known as phishing e-mails where individuals attempt to gain sensitive information by masquerading as a trustworthy entity.
Phishing e-mails are a method used to gain access to the AU network for the purpose of making money through internet scams, Morling explained.
One example of how phishing e-mails work is that the perpetrator sends you an e-mail requesting your username, e-mail and password, then once they have gained access to AU’s system they send out copious amounts of information from your e-mail account. This would be thousands upon thousands of e-mails which contain some form of con asking for the recipients to give money.
The common method for coning the victim continuously changes whether the perpetrators are posing as the I.R.S. or as a prescription pill provider, Morling said.
“First they target a University,” Morling explained.
The reasons for targeting a University are numerous, Morling said. There is no cost to the perpetrator since they utilize the university resources, AU has a “fat pipe” or high capacity band-with and an affective con is extremely profitable. One accessed e-mail account can allow the perpetrator to send out some 30,000 messages and the profitability is clear with 1 bite from a recipient having a possible return of $100,000, Morling said.
Universities don’t have deep pockets to hunt these people down like companies do,
Morling added.
“We have spam filters in place but those e-mails are pretty unique,” Morling said. “We don’t know how they get our e-mail lists.”
A lot of it could be guess work because they try random letter and number combinations, although they will do research, Morling said.
ITS and Morling have been taking steps to combat this problem that other institutions are frequently seeing as well.
“If the number of e-mails exceeds a threshold then I immediately notice,” Morling said.
There is a list of known phishing addresses accessable to subscribed users hoping to combat this problem. So far, 3,762 known phishing addresses have been identified and are on this list, Morling said.
When someone on our network responds to one of these e-mails by providing their information the University becomes blacklisted and is locked out of a variety of e-mail providers, Morling said. These web-based e-mail providers include Yahoo, AOL, MSN Hotmail, Gmail, and many others.
All it takes is one person on campus to respond to an e-mail to get us put on the blacklist, Morling said.
Once the University has been blacklisted Morling must track down whatever e-mail provider they use and get off that list. This may take a few weeks.
A new program has been implemented where if they’re on our list, which we subscribe to, then ITS will block the e-mail and not let you respond, Morling added. ITS has blocked ten e-mails so far while five have gotten through, although this system is automated now.
“A good 75% of all those phishing e-mail attempts are on the list,” Morling said.
ITS is roughly blocking 3700 e-mails if you try to respond currently, Morling said. This program has been up for 6 months and has improved combating these problems.
“What use to take me two weeks now takes 15 minutes,” Morling said.
The important thing to remember is to never divulge information like your username, e-mail or password to anyone, and if you do receive a phishing e-mail contact ITS. ITS can only stop this from happening again if you inform them of it happening from the outset.
