In the last few weeks, many students have received phishing emails that said their bank account was suspended.
The chain of events in this most recent wave of phishing emails started when approximately seven students clicked on the email scams that included links sent out asking for Rollins Outlook login information. This allowed attackers to send out varying emails under the pretense of banks such as Wells Fargo, Bank of America, and Chase Bank.
Christine Cole ’20 is one of the students whose email was hacked. From her personal email, a phishing email was sent under the pretense of Chase Bank. The email most likely reached hundreds of students, as the incident was related to getting her Rollins Outlook (or Office 365) login.
“I received at least 50 emails all at once,” she said. “I received a lot of automatic replies and a couple people who were genuinely confused. A couple people sent angry responses.”
“The ultimate goal is usually monetary reasons,” said Bill Rodriguez, senior information technology (IT) security engineer at Rollins. Cole’s bank account was not compromised.
Rodriguez said this is a common incident for this time of year. Web attackers intend to get users’ login and password information so that the attacker can then log in to the Rollins Outlook with a student’s information, allowing them to send the phishing email out to even more students. Some of the links included in the message were trying to load malware too, Rodriguez said.
Unfortunately for Cole, she did not know that IT was who she was supposed to immediately reach out to. Due to IT’s protocol of disabling accounts and resetting the passwords of accounts that have been attacked, this led to confusion.
“I hated feeling like I was being a bad person and I hated how everyone was trying to tell me what I already knew was happening. It was really stressful to have my inbox flooded for several hours. I was also very stressed that I wasn’t able to change my password or login to any of my accounts once my accounts were disabled. I didn’t know that IT was who I should have immediately contacted or that I could solve the problem so easily over the phone,” said Cole.
IT is working on firmer communication with students, especially when it comes to cyber security. They plan to promote more education through initiatives throughout October, which is Cyber Security Month.
The protocol IT follows to prevent students from falling for scams includes mainly preemptive work. “[IT] builds rules and use scripts in Office 365 that help block these messages from being delivered. We work closely with Microsoft and other schools to update our procedures and help reduce phishing,” said Rodriguez.
They choose not to send out network-wide emails once a phishing email is live. “Since it happens often, we [would] rather not add to the traffic of email by sending emails every time we get a phishing message,” Rodriguez said.
Rodriguez said when students fall for the scams, it often has to do with how the message is framed, as many of the messages “are playing on urgency so that you do something quickly without looking at the message first,” or who the student received it from.
Students should never enter their Rollins password into any login that does not have the college logo on it. Students should also hover over the email’s links, as miscellaneous websites will often pop up, which should be a red flag. Also, check the source of the email; a company such as Bank of America will not send important messages from a personal email address.
If students receive a phishing email, they can report it by forwarding it to firstname.lastname@example.org. “[Our team] is up all hours of the night trying to keep up on everything…We try to get to it as soon as it happens,” he said. Students should visit the IT Help Desk in the library if their account is disabled.
“Phishing is common, and no matter how much technology we put behind trying to stop it, it comes down to being a people kind of thing, and we are working on doing more end-user training,” said Rodriguez, adding that it happens to everybody, not just students.
What you can do is learn how to identify these phishing emails and recover quickly. If you think you gave away your information, change your password immediately and contact IT.