‘Phishing’ e-mail leads to fraud warning from administrators

An e-mail from a fake office asked a student to respond with personal information.

Students who checked their e-mail within the past week could have received a message from a suspicious source.

Mark Karon, director of University Student Legal Service, said a student reported a suspicious e-mail to the office Friday. The e-mail, which claimed to be from the University’s Office of Financial Aid – a fictitious office – was traced to a Gmail account, he said.

Students were told to reply to the message with their student identification number and other confidential information, Karon said.

After Student Legal Service determined the e-mail wasn’t from the University, an e-mail was sent to University students Wednesday night to warn them.

Vice Provost for Student Affairs Jerry Rinehart suggested in the e-mail that students shouldn’t respond with their personal information unless they knew an e-mail was valid.

Computer science and engineering professor Nick Hopper said while he isn’t sure how profitable these scams are, people can make a living out of “phishing” scams.

Phishing scams, according to the University’s Office of Information Technology Web site, are e-mails sent from fake accounts or Web sites designed to fool people into giving out personal information.

Hopper said someone with a student’s ID number could access their social security number and potentially damage the student’s credit.

Whenever students receive a suspicious e-mail, they should reply to the sender to verify who it is coming from, he said.

“Another way to detect e-mail scams is by highlighting a link in the e-mail to see what the URL is,” he said. “If it’s not from the place it says it is, it’s possibly fraudulent.”

Ken Hanna, director of security and assurance at the Office of Information Technology, said this type of scam, which targets students and requests confidential information, is taken more seriously than other fraud e-mails.

Once the office is informed of a fraudulent e-mail, it tries to track down where the message originated and contacts the sender, which in this case was Google.

“E-mails about Viagra or something vague like that are almost impossible to track down,” Hanna said.

However, complaints of e-mail fraud have decreased in the past few years because students disregard junk e-mail more often, he said.

Even though the office has a couple of different ways to protect students from phishing, it would be “impossible” to protect students 100 percent of the time, Hanna said.

Although students were aware of this alert, some weren’t too concerned.

Psychology senior Josh Boortz said he didn’t see the e-mail as cause for alarm. With so many e-mail alerts being sent out this semester, he said he didn’t pay attention to it.

However, Boortz said the fact that the e-mail imposters were able to fly under the University’s radar worried him, and he was curious about what measures are being taken to prevent this type of thing.

“We’re at a large university,” he said. “The possibility that something like that could happen is a little worrisome.”

He said this was the first e-mail alert he has seen regarding University e-mail fraud in his four years here, and if they became more frequent, he would worry more.

Sierra Johnson, a biology sophomore, said she also wasn’t too worried about the alert.

“I just brush it off more than anything,” she said.

Johnson said it was good that the University sent out the e-mail alert to put the minds of potential victims at ease.

“Obviously since they are sending out the e-mails, they have some plan of action,” she said.