Having access to your email password means a scammer could have access to your entire life.
In the past year, Auburn University has had increasing problems with online scamming known as spear phishing.
Spear phishing is when a hacker sends an email from a friend or business that you know pretending to be them. It’s from the same scammers who want access to your credit card and social security number.
“They will address it to you and use your first name and maybe only send it to a select number of people,” said Mark Wilson, manager of information security. “It will seem like it’s coming from a legitimate organization or from your friend or professor.”
A couple Auburn University students were recently the victims of a spear phishing scam.
“What happened was the students fell for a scam were they act as a mule,” Wilson said. “The scammer says, ‘I’ll send you a check for $1,500, you deposit $500 and keep $1,000 and then send another check to a different person.’ Then when they deposit the check the bank says it’s bounced and you suddenly owe $1,500.”
Bill Miaoulis, information security officer, said there are key factors to look for in emails to determine any red flags.
“Be very careful when checking emails,” Miaoulis said. “You may get one that says it’s from jaygogue@auburn.edu but really it’s a fake email address that scammers have masked to look like president Gogue’s email account. Another one targeting students is with job situations. People will say they need your help with payroll processing or offer an internship and ask for you to confirm information.”
Wilson warns against ever typing in your password in an unknown site. He recommends never using your Auburn University password as an identifier for other sites.
“And just be aware that your professor is never going to email you asking to verify your password,” Wilson said.
Miaoulis said hackers have even learned to create entire websites that resemble a website we see daily.
“Sometimes a hacker will take a legitimate website and change one word slightly,” Miaoulis said. “So an example is instead of ‘auburn.edu’ it will be ‘auburnuniversity.edu.’”
Another popular scamming method is known as ransom. Ransom is when attackers sneak into your network and hold your files for ransom.
“They encrypt your machine so that you have to pay them back to get all of your files back,” Miaoulis said. “Just be careful, especially with emails saying they are sending you money.”
Wilson said the Office of Information Technology has been working to combat these recent scams. But according to him, there isn’t much to be done.
“Auburn University gets hundreds of thousands of emails a day that are just junk,” Wilson said. “It’s very difficult to block everyone because everyone is different. A lot of times when faculty get scam emails they forward them to us and then we run an analysis on it and block it in firewall.”
Wilson said the problem with email scams is that hackers are becoming too smart.
“It’s happening more and more because people are the weakest link,” Wilson said. “We can do all the tech stuff, but if they get to the human, the human is the weak link.”
Miaoulis said that is why he believes educating not only students, but the community on online safety is important.
“The third floor library has a help desk where you can go and get your computer checked for viruses,” Miaoulis said. “But I just really tell people you have to be careful.”
Do you like this story? The Plainsman doesn't accept money from tuition or student fees, and we don't charge a subscription fee. But you can donate to support The Plainsman.
