September 12, 2016
If you see something suspicious in your student email account, Information Security advises you to proceed with caution.
“Phishing” is a process where unknown senders get ahold of email accounts to access students’ personal information, such as bank statements. These types of emails are more prevalent at the beginning of the semester, according to Kirk Moore, director of Computing Services.
“It is the beginning of a new year, and the people sending these emails know that students might not be as aware right now,” said Moore.
Defense against spam email and cyber attacks such as these are a priority, said Moore.
Phishing is not a complicated process and is usually run by people or malware that create email messages pretending to be something they’re not, according to UCCS information security officer Tom Conley.
The clutter feature in student email accounts works like a junk mailbox to help combat phishing.
It was implemented once the university started using Office 365, and it serves as a tool to attempt to filter harmful email. It looks for certain terms that may identify it as phishing or spam and sends the email to the clutter inbox as a precaution.
“When we see commonalities in these emails, then we start blocking them,” said Moore.
But, the people behind cyber attacks are very good at getting around the defenses implemented to protect students. Moore said that Computer Services do all they can to catch these attacks before they become a bigger problem.
There are steps that students can take to protect themselves along with the support of the Information Technology help desk.
Students can be on the lookout for links in emails that claim to come from the IT department or other campus departments.
These emails might tell students that their accounts will be deleted if they do not confirm their account information through a link in the email. Students should delete or report these emails, according to Moore.
“IT would never send a link through email to students. If anything was needed from students, there would be instructions as to what action should be taken but never a link that required a student’s information,” said Moore.
Students can also pay attention to the URL, or the webpage where they are submitting their information.
uccs.edu is a domain that phishers cannot yet use, said Moore.
“You might see ‘uccs. com,’ or ‘uccs.net.’ These are warning signs that you are on a site that is not safe.”
The department is continuously working on projects that could create stronger defenses, but those are all in the works for the future. Until then, students should be aware of their cybersecurity.
“We have a responsibility to educate students about this problem, because it will help solve the problem,” said Conley.
If you receive any email that you believe might be phishing, it can be reported to security@ uccs.edu or the IT help desk at 255-3536.