Tech experts urge caution
ICIT: Recent surge in phishing emails suggests hackers are getting more creative
March 15, 2017
Hang on for a minute...we're trying to find some more stories you might like.
Email This Story
It’s good to have a healthy sense of paranoia when it comes to receiving and opening emails.
This is the message the University of Wisconsin-Whitewater’s Instructional, Communication & Information Technology (ICIT) has for students.
Amid an increasing frequency of phishing emails — potentially malicious messages sent out to mass numbers of people for any number of purposes — experts within the ICIT department are urging students and faculty members to exercise extreme caution when managing their email accounts.
In recent weeks, ICIT has identified and eliminated a multitude of malicious emails. The sources of these messages have found new ways to break through the university’s barriers, or firewalls, designed to block malicious emails and safely keep confidential information in.
“We’re hoping to increase awareness of security information,” ICIT Information Security Officer Louann Gilbertson said. “We want to be a resource for students, because threats are constantly changing.”
Gilbertson added that she hopes more students will think to report instances of malicious emails.
A step-by-step walk through for students and faculty on how to identify and report potentially malicious emails can be found on ICIT’s website.
What are malicious emails?
Malicious emails generally contain a message claiming to be urgent and requires users to follow a link to a website or respond with certain credentials or other information.
Messages presenting non-existent employment opportunities are common. The best way to handle messages containing job offers is simple: If it seems too good to be true, it isn’t.
“If it just doesn’t seem right, don’t go there,” Gilbertson said.
Other messages might ask for users to buy a product for an upcoming reward.
In some cases, phishing sources pose as legitimate officials, which is where things can get tricky.
Messages may appear to be sent from an official university email address and contain a simple warning: Be careful of email scams.
To the untrained eye, this may look legitimate, however there are a few red flags to watch out for.
• An official message from ICIT or the Help Desk urging caution will generally have the same content as a scam, but there may be spelling errors in a false email, which is a dead giveaway.
• Copyrighted emails are usually scams. Legitimate organizatons will not copyright emails.
• Many scams try to replicate legitimate addresses by using a similar address. A phishing email that reached UW-W students on March 1 was sent from an address with a domain of “uww.edu.ru.” The last two letters signal that this email was sent from an account with a Russian domain. In almost all cases, an email sent to an American student from a “ru” domain is fake.
• Some sources even use legitimate domains in place of others. For example, the difference between certain domains [(dot) edu, org, gov and com] is huge.
• Emails containing embedded links without much description of where you’re going before you click on the link are usually scams. All emails sent from ICIT or the Help Desk will always inform students of the steps to follow after clicking the link within the email itself.
A game of cat and mouse
Email scams targeting UW-W accounts are mostly mitigated, with somewhere around 99 percent of them never even reaching students or faculty members. But the ones that do get through the system can still pose a threat.
It’s a bit of a cat and mouse situation, ICIT communications specialist Ben Kroeplin said.
ICIT is constantly hunting down malicious emails and removing the content from servers, but the sources behind the messages are always finding new ways to evade security measures.
Students who receive an email they believe is suspicious or harmful in nature should immediately forward the message to [email protected]
But ICIT is concerned many students who receive Phishing emails are simply deleting them, and not reporting the incidents, allowing the sources behind the messages to remain undetected and continue fishing around UW-W’s email servers for various reasons, whether that’s credit card information or access to students’ accounts.
“In general, some people worldwide may be losing revenue or are subject to identity theft,” Kroeplin said.
He added that ICIT does not want to see UW-W students or faculty become victims to malicious emails or other forms of online hacking.
“The individuals behind the malicious emails are getting more creative,” Kroeplin said. “They’ve been doing their homework.”
How are hackers getting creative?
Aside from the common malicious messages detailed previously, sources behind the attacks don’t always target people online.
When Pokemon GO dropped in July last year, there was an increase in frequency of muggings nationwide, as having so many people walking around while distracted allowed certain people to prey upon this vulnerability.
Individuals behind attacks might also seek to gain access to credentials of other people, in order to gain access to all of their contacts, financial information and all other available resources.
Phishing sources sometimes use email credentials to contact users’ friends or colleagues, hoping to trick them.
“Even links from friends could be phishing attacks — if their credentials were hacked,” Gilbertson said. “If you aren’t sure about something, ask.”
‘Throwing a wide net’
Potentially malicious emails are rarely, if ever, targeted at one person.
In most cases, mass emails are sent out to entire servers-worth of people in hopes of hooking one person and reeling in their information through trickery–similar to fishing, in that sense.
Hence the term: “Phishing.”
Because one person might become a victim of malicious emails or other forms of hacking, it might seem as if they were individually targeted for this reason.
“They [hackers] tend to throw a wide net,” Gilbertson said. “They play the game quite well.”