With the UA’s phonebook open to the public on the university’s website, it’s easy for spammers and hackers to find thousands of emails in just a few keystrokes. But UITS has provided techniques that may help students avoid a potential hacking.
A seemingly legitimate spam email is circulating university accounts with the subject line “Urgent Announcement.” The message requests that users need to click a link in order to upgrade their university email account.
University Information Technology Services released a warning about the “upgrade,” saying that neither they nor the 24/7 IT Support Center had sent or endorsed the email.
According Cathy Bates, university information security officer and Derek Masseth, senior director of UITS client and infrastructure services, clicking the link in the message could compromise your personal data, your computer or even the campus network as a whole.
The email is an attempt at “phishing,” a technique where con artists send spam or pop-up messages to lure victims into revealing personal, financial or credential-related information. That information can then be used for hackers to commit identity theft or enter password-protected sites using a hacked account.
The UA’s Informational Security website offers tips on how to spot phishing messages, steps to avoid getting tricked and what to do if a UA community member responded to a phishing email with personal information. UITS advises anyone with a UA email account to check links and make sure URLs are legitimate. One helpful trick, they said, is to copy and paste any link into a browser to check the URL. The URL in the link code may not be the same as the link in the text.
“I’m disappointed in the UA selling our emails and making me sort through over 200 spam messages a day,” said Christina Bischoff, a junior studying ecology and evolutionary biology.
Aedan Morriss-Fregoso, an English senior, said he is fed up with spam messages polluting his university email account.
“There are so many (emails) cluttering up my inbox that I frequently find that I have overlooked or deleted important emails,” he said. “I don’t use my UA email address for anything that isn’t school-related, so this spamming isn’t courtesy of inputting my address into forums on questionable websites.”
If you are unsure whether a message is legitimate or you think your account has been compromised, UITS suggests that you contact the 24/7 IT Support Center. If you think your UA NetID password has been compromised, UITS said that you should go to the UA NetID site and change your password immediately.