An email sent to UW-Whitewater students Oct. 10 by a professor inquiring babysitting services created questions about student’s online safety.
The email turned out to be from online scammers trying to get personal information from students. This is a process called “phishing.”
Email phishing is an attempt by a spammer to get someone to give up information or do something on their behalf according to Tom Jordan, UW-Whitewater’s network operations manager.
Email phishing attempts “often come from other countries” without privacy laws, Jordan said. Jordan said the U.S. has good privacy laws and regulations that prevent similar scams.
Jordan said the emails usually talk about credit card or other financial problems, and campuses are most susceptible to emails advertising job offers.
Higher education networks are more open than corporate networks, because “students are not employees but customers,” Jordan said. “[This] makes it more challenging to find the appropriate set of controls.”
No phishing scams are directly targeted at UW-Whitewater, but some like the recent email students received, are more likely to work on a campus, since students often look for job opportunities, Jordan said.
Ten to 100,000 email phishing cases occur in a single day, but UW-Whitewater is able to stop about 96 percent of these emails from ever reaching students, Jordan said.
“[Whitewater] is not unique as an organization in line with what other industries see,” Jordan said. “Email phishing is a problem everywhere.”
If a student ever receives a questionable email, their first step should be contacting the UW-Whitewater Technology Support Center Help Desk.
Adam Hufnagel is the supervisor at the Helpdesk.
“Our role is basically to handle the incoming and outgoing communication surrounding the phishing attempts,” Hufnagel said. “The actual action is taken, and actual formal documentation is done by Tom Jordan’s group.”
From there, Jordan and his team can add the email’s sender to their system, so no one else receives emails from them.
Jordan said it is difficult to completely stop the senders, because they constantly change their web addresses.
Network controls can only do so much, so the best way students can protect themselves is to stay informed, Jordan said.