Phishing emails cause problems for WKU students, faculty and staff

Phishing email

John Reecer

Phishing emails have troubled WKU students and the university’s faculty and staff during the summer break as several email accounts have been compromised.

Phishing emails are designed to acquire sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by masquerading as a trustworthy entity in electronic communication.

This spurt of recent emails has duplicated aspects of WKU’s site or logos that make the emails look more authentic to students.

Chief Information Technology Officer Gordon Johnson said, ““It was a variety of different scammers,” and that this problem is not new.

“We get phishing emails into both the student email system and the faculty and staff email system constantly,” Johnsons said. “Maybe in June or May, I am not sure which month it was, one of those months we had a spike in this. We probably had between 10 and 20 compromised student accounts.”

Johnson said that phishing emails usually come in spurts as WKU’s firewall catches most of the troublesome emails. However, if students access their emails off of campus, the phishing emails will not go through WKU’s firewalls.

“These scammers are really tricky, because what they’ll do with a lot of email accounts once they get the credentials is they will log into the accounts and they will prevent the account from getting any new receipts of emails coming back so whoever’s account it is may not know immediately that they have been phished,” Johnson said.

Most of the users who fall for phishing emails are students as faculty and staff doesn’t fall for them nearly as frequently. Johnson said this is because “it’s easier to educate the faculty and staff about the dangers of phishing than it is the student population because the student population turns over a lot more frequently and there are a lot more of them.”

The biggest danger with phishing emails is that once you get a successful phish on a student account, you get access to anyone in the address book. Once the scammers have access to a student’s address book, phishing emails are then sent out to the faculty and staff.

“What happens is most faculty and staff don’t fall for them,” Johnson said. “They send it to [email protected] and our [email protected] email accounts, and they will email me and people in IT.”

“What we have to do about them is that we have to go in and disable that student’s account and they have to change their password,” Johnson said. “What we also do is that we block any URLs that are in those emails so even if you fall for it, you can’t get to it, but that only works if you are on campus.”

Johnson said that it is just not possible to block every all the phishing emails as there are “too many things about a phishing email that make it hard to block.” However, he did say the IT department was able to block a lot of spam.

In trying to get students to exercise more vigilance when it comes to phishing emails, the IT department sends out a security bulletin once a quarter to try and warn people about all the dangers of phishing.

Also, the department’s twitter account tweets out examples of phishing attempts as Johnson said the main problem with the entire situation is “user education.”

WKU’s firewalls are programmed to block emails that contain certain URLs that have caused students to be phished, however this does not stop phishers.

“Of course, that is a never-ending battle too because these guys are constantly their email addresses and URLs they use,” Johnson said. “It’s just an ongoing battle.”