Castleton University’s Information Technology department put the students and faculty on high alert recently after a phishing scam swept through VSC email addresses.
On April 17, an email from IT was sent out warning about a scam email being sent around the university seeking to steal log-in credentials from students and faculty. The subject of the email was a threat, saying, “Action Required — Final Reminder.”
The content of the email included a link which led to a mock-up of the VSC portal log-in page. The page looked shockingly similar to the actual site except for a few small details. Had the students logged in, their username and password would be compromised.
“A lot [of these scams] you can see right away that it’s a phishing scam, but that particular one, because they had been so careful to make the portal look like ours, we were very concerned,” Jonathan Czar, the LAN/Systems Administrator explained.
In today’s technologically advanced world, scam emails striving to gain personal information about people have become quite common. Otherwise known as phishing, these emails can be very deceptive and easily fool users. Luckily, according to Czar, no one’s log-in information was compromised in the recent scam.
He estimated that at least a couple hundred people at the university received the scam. The chancellor reported that it was linked to an overseas source, which is common.
Unfortunately, phishing scams are not uncommon at Castleton. It is not too difficult to access emails, set up a mock log-in page, and send a link with a threat or a warning to people in order to intimidate users into giving up usernames and passwords. From there, scammers can log-in to the system and steal private information.
Czar revealed a number of different examples from the past in which a phishing scam hit Castleton. They varied in complexity, ranging from generic phishing emails to narrow target phishing emails.
Many were basic emails from random email addresses asking for you to give up a username or password. These usually included a threat, such as, “We are going to turn off your account if you do not log-in.” These are considered generic phishing emails intended for any audience.
Others are much more sketchy. One example that Czar displayed came from Microsoft, which could easily deceive people into thinking that it was legit. However, the link provided was for Google. It is never safe to click on suspicious links.
Then, of course, there are the more targeted ones. One example showed how someone spoofed former university president Dave Wolk’s email. This particular scam was only sent to Nell Ellis, Director of Payroll and Employee Services, asking for copies of all Form W-2’s from 2015. Ellis was able to recognize it as a hoax because Dave Wolk never went by David and the email address the scammer provided was questionable.
That instance shows how much research some scammers do to get what they want.
“What [the scammers] did was they went to our website, they figured out who the president was, they figured out who the director of payroll was, and she’s the only one who got this message,” said Czar, almost surprised.
Castleton does have applications that hope to prevent this from happening more in the future. Czar pointed out that the VSC email services includes a spam filter which is programmed to identify messages that could be phishing scams.
Thousands of easily identifiable messages are blocked daily through that filter, but occasionally one can slip through. If it does occur, there are some red flags that you can look for to see if the email is legit.
“You should always look to see who the ‘from’ address is,” explained Czar. He added that you must look beyond the sender name and find the address the e-mail is sent from to see if it is actually a VSC address.
You should also check the content of the email. “An official email…is proofread, the English is correct, the punctuation is correct, that’s something to look for.”
When it comes to personal information, IT services will never ask you to go through a link. Any links that request personal information, as well as any threats making sure that you click on that link, is cause for suspicion.
Feel free to contact IT if there is any concern. IT encourages people to ask for verification. It is important to ensure that you are giving scammers access to your personal information.