Established 1826 — Oldest College Newspaper West of the Alleghenies

Another round of phishing attacks hit Miami e-mail users

Courtney Day, Campus Editor

A wave of phishing attacks has caught the attention of Miami University students and staff in recent weeks.

According to Joe Bazeley, information security officer, the university typically sees one or two of these scams each month. But Miami e-mail accounts were bombarded with three different attacks in the one-week span between March 25 and April 1.

Cathy McVey, senior director for strategic communication and planning, said the first of these, which claimed to be a sweatshirt giveaway, was convincing because it borrowed wording from a legitimate university e-mail.

"The first one was a concern because it used the same language as Housing, Dining and Guest Services used in December," McVey said.

Another e-mail told students their mailbox quota had been exceeded. After clicking a link, students were prompted to give their UniqueID and password. McVey said legitimate university e-mails would never ask for a student's password.

Bazeley said there would have been no way for a student to know the first e-mail was fraudulent until they clicked the link.

"It pretended to be a Miami site but it was hosted outside Miami," Bazeley said.

While the fact that the site was hosted in the Netherlands was a red flag, Bazeley said some university surveys actually are hosted outside Miami. He said because it is difficult to tell what is legitimate, students should be careful when they click these kinds of links.

"If anyone has any questions at all about an e-mail they have received, they should call the support desk," Bazeley said.

When a student reports a questionable e-mail, the support desk will respond to the individual to let them know if the message is legitimate. If the message is illegitimate, they post information about the scam as a Blackboard announcement.

Bazeley said he advises students to be wary of any offer that sounds too good to be true.

"The number one thing is just to be skeptical," Bazeley said.

If a student accidentally gives out personal information, Bazeley said the proper course of action depends on the type of information.

He said in a case like the recent phishing scams in which a student gave out their password, the student should change not only their password but also their secret questions.

If credit card numbers or social security numbers have been given out, IT services refers the individual to outside resources.

McVey said recognizing scams is harder now than in the past.

"It used to be obvious," McVey said.

Misspellings and improper grammar along with suspicious word choices made it easier for people to notice if an e-mail was unsafe.

"Now, the phishers are getting smarter," she said.

McVey said students who have clicked on a bad link or given away personal information should contact IT services whether or not they notice problems. Problems that result from these kinds of scams include identity theft, malware, spyware and e-mail spoofing.

She said Miami has a system that shuts down a user's e-mail account if an excessive number of e-mails are being sent from their address.