Director of User Services for Lafayette Information Technology Services Chris Koch sent out an email earlier this month to the Lafayette student body to warn them of the dangers of phishing. That same day, a phishing email had snuck through ITS’s filtering system.
In his email from Sept. 8, Koch defined phishing as “a technique used to trick email recipients into providing their credentials such as their Lafayette NetID and password.” The ITS website adds that “successful phishing results in identity theft.”
The phishing email, also sent out that day, appeared as a “lafayette Tech Alert.” The email said that in order to maintain one’s emails and documents on the Lafayette server, they had to reply with a name, username, password, telephone number and email address. A warning email from the real Lafayette ITS was released shortly after, telling students not to respond to this phisher.
“Each semester we typically see a handful of compromised accounts [after phishing incidents],” Director of Digital Infrastructure William Thompson said.
In this instance, a few students, although Thompson did not know how many, did respond to the phishing email.
“If you suspect that you’ve fallen for a phish … contact the help desk and change your password,” Thompson said. “[The] help desk can follow up and see if your account has been accessed during that time.”
“There are black markets for valid credentials, so people try to harvest credentials and sell them on the black market,” Thompson said. He explained that phishing is a common problem faced by other institutions.
Koch said the best means of protection from spamming phishers would be to “carefully look at the email, particularly if it’s asking for personal information” and to “have an awareness of what phishing is and to closely inspect the emails and be very suspicious of clicking and providing personal information.”
“Lafayette is always looking for ways to improve cyber security,” Thompson said. “Proofpoint is one of them. Security awareness is obviously another component.”
Proofpoint, the filter used for SPAM emails, is very good at detecting phishing emails, meaning that most of these messages are managed before the student body would ever see them, he added.
Thompson wrote in an email that last month, 85 percent of incoming emails on the Lafayette server were “blocked or quarantined” as “either SPAM or malware.” He said that the number of phishing emails per semester has remained essentially the same over the last two years he has been at Lafayette.
Should an email get through, ITS identifies the sender and blocks the address from any future contact, Koch added. However, he said, even a very good filter for incoming mail is imperfect, so it is best to remain vigilant.
To avoid future problems with email phishing, Koch wrote in an email that he wanted to remind the student body to remember never to email anyone identification information such as passwords because no legitimate source will ask for them.
