Established 1826 — Oldest College Newspaper West of the Alleghenies

Prevalence of phishing scams increase on campus

By Elizabeth Jacobs, For The Miami Student

The cybercrime of phishing is making an appearance at Miami and has consequently affected its students and faculty.

According to Joe Bazeley, Miami's information security officer, the problem is students and faculty aren't able to recognize a phishing email when they see one, or users respond to the emails because they perceive them to be legitimate.

"Phishing is when you attempt to trick people into giving you their information," Bazeley said. "Phishers will use tactics like using someone's account to send that person's contacts more phishing messages. They can also scare recipients into acting quickly by threat."

While phishing has been an issue at Miami and colleges since the birth of the Internet, Miami saw an increase in this activity last summer. While the number of Miami students and staff who received the phishing messages is unclear, many personal accounts were compromised, or "hacked," Bazeley said.

The IT services at Miami have created a webpage with further information on the telltale signs of phishing. In response to National Cyber Security Awareness Month in October, IT services also released several October newsletters highlighting many students' downfall in falling for the phishers' tricks.

Among the students who have received phishing emails is first-year Andrew Almquist, who has received the messages through more than one medium.

"I've gotten one through Facebook, Twitter and email," Almquist said. "I just immediately deleted them because they didn't look like real messages. Somehow, though, my email account was hacked and I ended up having to change my password in order to reset my account."

Having his email account compromised, Almquist said he felt tricked and deceived.

"I felt scammed, like they were just trying to get money out of me and interrupt my life," Almquist said.

A large uptick in phishing messages began in June. A total of 629 accounts were compromised. If each compromised account then sent another 500 corrupted messages - a likely consequence, Bazeley said - as many as 300,000 phishing messages could have been released throughout campus.

In addition to the rapid increase in phishing last summer, phishing is a daily problem at Miami today, even with a complex cyber security system in place. While cyber security protects many computer users and their financial accounts, it can only go so far.

"There are specific messages that get transferred around the university on a daily basis. Our security makes sure to prevent as many instances of people responding to the messages becoming affected as possible," said Randy Hollowell, Miami's senior communications and web coordinator.

There are ways for students to protect themselves, and distinguish between phishing messages and harmless spam.

Examples of phishing emails have fallen under several categories: a coercion to view a document, a claim that the recipient's mailbox is full and needs to be renewed, a generic link to click, or a counterfeit bill.

"Most of the phishing emails or messages we've seen have a link that they want you to click on to either compromise your account or to take you to a form they want you to fill out with your personal information," said Hollowell.

Recognizing these dangerous emails or messages is the best way Miami students and staff can protect themselves, Hollowell said.