Phishing for your information

Dara Fillmore -- The Stinger

Some phishing emails are made to look authentic, but the poor spelling, vague facts and often bizarre reasoning should be a giveaway that this is a fraud attempt.

Spammers can jam up e-mail, attack and take over accounts, steal credit card information and hassle UWS students. Phishing attempts like these are sent to students every day. But there are ways to keep spammers from taking more of your time.

According to UWS Director of Technology Infrastructure Services Tom Janicki, a spammer can be anywhere in the world, and can find any email address that has been posted on the Internet to send junk mail. If a spammer sends out hundreds or thousands of e-mails, he or she is bound to have some responses. If a person receives a spam e-mail and replies with personal information or clicks on a link, the spammer then knows the e-mail address is active, and can gather more information.

Once the account is compromised, the spammer can send more emails; often those e-mails that may look like actual technology services updates or other “helpful” information and can ask people for more personal data. This may include asking for names, passwords, addresses, credit card numbers and even banking information. Some will even send an e-mail from which a student might choose to “unsubscribe,” but if you never signed up to receive that type of e-mail in the first place, clicking to unsubscribe may give the spammer information you don’t realize. If the spammer gets any of this information , he or she can take over the e-mail account, sending even more spam, or can use the information taken to make purchases on credit. Of the 15,000 to 30,000 e-mails sent every day on UWS e-mail accounts, 80 percent is spam.

“The spammer may pose as a trusted person, such as tech services, and might say that the e-mail account has run out of space,” said Janicki. From there, he pointed out, it’s up to the student to take initiative and do one of two things. Either delete the email without responding, or forward the email to the UWS tech services help desk (

Joe Kmiech, director of technology support, said that forwarding phishing emails to the help desk will help UWS students receive less spam in the long run. Once the help desk knows about each new issue that arises, they can get started on blocking that spammer from the system so it is harder for them to continue trying to take advantage of students. But if the students give spammers any info, they will have a little work to do.

“If students give away their e-mail information, the spammer can set up rules in the account so the student won’t be able to see it,” said Kmiech. “Then the spammer can send e-mails that don’t go to sent items and the student has no idea what is happening. We get a list of accounts to lock out because of this, and then we can make contact with the students or faculty, educate them on what is happening, and get them up and running again on a new account.”

Another type of e-mail that many UWS students considered spam was the political e-mails sent to students leading up to the November election. According to Janicki, these e-mails are considered legitimate, and the school has no interest or right to block them. He did think that the political campaigns must have had a lot of extra time and funding on their hands to be able to harvest so many student e-mail addresses and send donation requests. Students who wish to opt out of receiving political e-mails can learn how to block certain types of e-mails if they would prefer not to receive them.

Kmiech and Janicki both work hard at giving UWS students and faculty the resources to know how to deal with issues that arise in campus e-mail accounts. “You can whitelist, blacklist – you can train devices to start blocking certain kinds of e-mail,” said Kmiech. He said that technology services at UWS has not and will never ask anyone to supply any personal information, like a username and password, by e-mail. Any e-mail requesting that information is a fake. “The whole campus has to be observant,” said Kmiech. “We want to help educate faculty and students because e-mail users are our first line of defense against phishing attempts and spam.”

Print Friendly