Sven Alskog
News Editor
Within the last two months at Idaho State University over 300 email accounts have been disabled after being compromised by phishing scams.
The scammers behind these ask for personal information, such as a login and password for your email account.
Many times the perpetrators claim that if the email account holder does not respond with the requested information in a given time, he or she will lose account access. There is no time that ISU Information Technology Services (ITS) will ever ask for this information through email, so if you get something requesting, it do not reply.
“We will never ask for a password through email,” said Tony Lovgren, the manager of Information Technology Services, support and systems. “That doesn’t just go for us [ISU] but also for any viable organization.”
Google will also not ask for any personal information through email, mentioned Lovgren. All ISU email accounts are run through its services.
Rather than replying to attempts to gather personal information by hackers, account holders can mark the messages as spam to help get other similar messages captured by the spam filter for all ISU email accounts.
For the current academic year, ITS began sending out emails warning of the phishing scams in September.
“Make sure to never send sensitive information through email, especially login credentials,” said Lovgren.
It is also not uncommon for scammers to use an email address from an ISU account if they have already taken it over due to the previous account holder replying to the phishing email.
However, sometimes the email address can be a giveaway in regards to the message being spam.
“Read the email address,” said Lovgren. “Sometimes scammers can forget to change the address before scamming a different school.”
One example of this occurred in a message from an email account labeled as “Temple University Communications” on March 23 this year.
Even if the email is from an address that you recognize, the potential for a scam still exists.
“Be careful of emails you are not expecting, especially with attachments,” said Lovgren. “If getting email, even from someone you know, with an attachment, don’t respond until you use another source than email to verify that the message is from them.”
To help reduce the future risk of phishing scams at ISU, the ITS program informed incoming students at early registration on April 8-11 of what to watch for.
By informing students, staff and faculty through emails and other means of the potential risk signs, the hope is to decrease the prevalence of phishing scams into ISU email accounts.
Any further inquiries regarding phishing scams can be directed to the ISU IT Service Desk at 208-282-HELP (4357).