“The email [above] was sent by a hacker who had gained access to an account owned by someone working at company in the area…At first glance, the message appears harmless — the sender’s address is legitimate, and the recipient would normally handle questions about invoices. Clicking on the link, however, would likely install malware on the recipient’s computer that could turn it into a launchpad for more phishing emails”.
Personalized email scams like this example are on the rise as hackers begin to take more time to get to know smaller colleges, and other organizations, at a greater level of sophistication. These scams are no longer “typo-ridden emails with questionable grammar” and vague titles – they now do research to ask recipients questions that would be relevant and appropriate for their title and job description. More and more, hackers are “drilling down, data mining names…looking at branding, messaging, and how we interact with each other” in order to better access personal and financial information.
Excerpts from InsideHigherEd, “Personalized Scam Emails on the Rise” by Carl Straumsheim. To read the full article, click here.
As these concerns grow, we would like to reiterate the email titled “Urgent Champlain College Information Security Message” which came from Ted Laskaris, Associate Vice President of Information Systems, last week. An excerpt is included below, but we encourage all who may have missed the email to find and read.
“Champlain has recently noted increased efforts by outside parties trying to obtain personal information about our employees, and other information, through “phishing” scams. As a precaution, I am requiring that all users change their password immediately. You should change your password again even if you changed it recently”.
We also strongly encourage you to set up 2-factor authentication at the same time you change your password. Over the last year, IS has sent out communications encouraging use of 2-factor authentication. 2-factor authentication will greatly help to protect your personal information and the college’s data. In the near future, Champlain College will require all network logins to use 2-factor authentication. Setting this up today will strengthen the college’s information security resilience. If you need any assistance, reach out to firstname.lastname@example.org.
To learn how to set up Google 2-factor authentication, click here.