Phishing scam hits NIU email server

over 9,000 scams emails sent to students

NicoElNino

NIU was a subject of a phishing scam Tuesday that targeted over 9,000 student email addresses after two accounts were compromised.

DeKALB— Two student email accounts were at the root of a phishing attack that saw more than 9,000 emails being sent through the NIU Office 365 server Tuesday, according to NIU DoIT and NIU Communications.

The emails sent to students solicited part-time employment opportunities with the humanitarian organization UNICEF, which paid $500 per week. After recipients opened the email and provided additional account information, the intruders were able to infiltrate two student email accounts to send more emails.

While phishing incidents are very common, NIU DoIT said that this number of emails successfully being sent was a significant number. 

The email has been removed from the NIU email server and all recipients have been notified of the phishing attack. Those users who responded to the account have also been contacted to properly rescue their accounts, according to Joe King, associate director of institutional communications at NIU.

NIU uses Microsoft Office 365 email protections along with multi-factor authorization on all student accounts to prevent scams such as phishing and other malware. 

If you think that you are a victim of phishing on an NIU account, the university asks you to mark the email as phishing and then forward the email as an attachment to [email protected], change your account password and contact the IT Service Desk at 815-753-8100 immediately to discuss further steps.