DeKALB – Hundreds of email accounts were compromised during the week of finals, leading to students receiving a flood of emails aiming to discover their protected online security information.
Bob Barton, director of information security at NIU, said the phishing attack started with a simple email to a handful of people.
“It was a job offer and one student gave information that was sufficient to allow someone to get into their mailbox,” Barton said.
The phisher, a person who conducts phishing attacks which attempt to trick users into revealing personal information like passwords, took advantage of the mailbox and sent out emails to over 100 students.
“About 111 accounts showed what we saw as signs of compromise,” Barton said. “If we see that, we will go in and do an investigation.”
Barton said some types of information are most vulnerable with compromised accounts.
“Immediately, you start to talk about billing information,” he said. “It depends, of course, what they’ve saved there.”
NIU accounts which are tied to other personal accounts containing valuable information are also vulnerable.
“Instead of them looking inward toward NIU, they look outward towards your bank if they get a reason to do that,” Barton said.
Barton said there are around 20 different phishing attempts in an average week, with one attempt potentially being capable of large-scale damage.
“We see a lot of phishing attempts during any given week,” he said.” When we see them, we delete them. If we don’t see them, that means Microsoft has got them.”
Some emails are more obviously fake than others.
“For a while there was a ‘Russian oligarch’ trying to get oil out of Russia,” Barton said.
While the IT department at NIU cannot track or locate the perpetrator, there are still ways to contain the situation.
“There is such a quantity of phishing attempts coming from India, Eastern Europe, North Korea, et cetera, and it is just beyond our capability to trace it back,” Barton said.
As methods of combating phishing evolve, so do the techniques of phishers.
“I meet and talk about trends and things like that with the FBI and other people in my position, like a chief information officer,” Barton said. “We do try to share techniques.”
Barton said the evolving techniques of phishing scams are dangerous.
“We do try to change how we monitor, but the hackers are changing their techniques as well,” he said. “To them all it takes is one person to bite for them to have an advantage on us. In this case, they were able to get inside and once they were inside, they were able to send out more emails.”
Various phishing tactics involve the use of SMS or infected websites.
“Where I worked previously, someone came around and started putting down job offers using a QR code,” Barton said. “They just put the hard paper in the library and started distributing them that way.”
Barton said he and his coworkers thought the job offers were odd.
“We picked them up, did a little research and found out they were trying to get people to go to the website where it would install a crypto miner on people’s machines,” Barton said.
According to Barton, avoiding phishing scams is about being suspicious of unknown emails.
“You don’t need to open every single email you get,” he said. “You don’t need to reply to every single SMS text you get.”
Barton recommended various solutions to prevent attacks.
“Of course, having antivirus or security software on your computer, on your phone, keeping your phone up to date,” Barton said. “But if you are suspicious, you will probably avoid 99.9% of the problems that are out there.”