Students have received an influx of phishing emails to their student email accounts.
The emails are designed to hack or obtain information from student accounts and often include phrases like, “your email account has security issues and must be updated immediately” or “please click the link below to reactivate your account to avoid permanent account closure.” Clicking links or replying to these emails can result in hacking, spamming or account blocking.
The emails also sometimes offer jobs to students, offer increased email storage space or request money.
Erika Felix, acting sophomore, said she received a phishing email her freshman year requesting a password reset.
“Me, as a freshman, I was like, ‘oh my god, okay!’ so I did it, but then my phone was going off for an hour, and I had like 600 hundred emails coming in,” Felix said.
Felix said she had to go to campus technology services to reset her account.
Kevin Jones, campus tech IT specialist, said it’s difficult to determine the source of the phishing emails because they can come from anywhere.
“You could have a relative that has your school email just in case, and if they get infected, it comes in that way,” Jones said.
When students sign up for services or websites using their school email, scammers can infiltrate those systems and steal their information, Jones said.
“We get attacked because we’re an institution, and the most important things, of course, are student financial records, so that’s kind of the end game of what phishing emails do,” he said.
Kaiden Maines, acting sophomore, said she receives the suspicious emails about once a month. As soon as she sees a suspicious email in her inbox, she checks her outbox to make sure nothing was sent that she didn’t write.
Jones said they can usually recognize a phishing email by incorrect grammar or links that don’t match what they say they lead to. When campus tech finds those links, they add them to a blacklist.
Felix said because she gets the emails so often, she is able to recognize the signs.
“Now that I see them, I know what it is now, and I just delete them,” she said.
Felix said she thinks campus tech should create more long-term solutions for the phishing.
“I think they’re good in the moment, if you need to fix it right then and there, but the fact that it is still happening is concerning,” she said.
Felix and Maines said they worry about hackers gaining access to their accounts and billing information.
“It worries me because I have a lot of stuff, not only on my email account, but on my student account, and it’s sketchy to me to think they could just go in and send random emails–like what else could they do on my student account?” Felix said.
Campus tech sent an email to the campus community March 9 showing statistics about phishing emails.
“With all the recent attacks that made it through our email system, we wanted to provide some statistics on how many emails get blocked,” the email read. “For every email that makes it through, tens of thousands are blocked.”
The email said the total number of cyber-attacks made in the past 30 days is 49,685. It advised students to delete any suspicious emails and not to click on suspicious links.
If you do click on a link in a phishing email, immediately change your password, Jones said. Campus tech will most likely block your account to prevent other accounts from getting infected.
In that case, Jones said students should bring their student ID to the helpdesk to unblock the account.
“We set it up so that your card is the thing that will unlock it. So, you swipe, and of course we visibly see you as a person, we know it’s you that’s unlocking that account,” he said.
Maines said it is difficult to determine the credibility of the emails.
“We’ve become so accustomed to it being not true that, if it is true one time, we wouldn’t know,” she said.
Jones said students shouldn’t submit personal information through email.
“Honestly, we don’t need any information from you, because we have a lot of information on you, so we would never ask you for that,” he said.
If students are suspicious about an email sender’s identity, they can go to telecom.okcu.edu to verify if the sender works for the school, Jones said.
On the BlueLink homepage, a section titled “Email” warns students of spam, phishing or other suspicious emails. If students are ever in doubt of whether an email is legitimate, they can forward the email to IsitLegit@okcu.edu. Campus tech officials will determine if the email is a phishing email and blacklist the links if necessary. If students believe their account may be compromised, they can call the Campus Technology Helpdesk at 405-208-5555.
Buy latest zeroday exploits