Phishing in the CWRU pond

Phishing+in+the+CWRU+pond

Shannon Snyder / Photography Editor

Seventy-five students were affected by two separate phishing email scams on the weekend prior to Welcome Weekend.

Sam Lehencker, Campus Issues Reporter

On the weekend prior to Welcome Weekend, Aug. 18-19, 75 students were affected by two separate “phishing” emails sent out to case.edu users by entities masquerading as CWRU’s Information Technology Services (ITS).

The content of these emails included requests for users to reply to the messages with their CWRU Network IDs and passwords. Another phishing attack, occurring that same weekend, asked that users reply with CWRU Network IDs and passwords on a Google form. The email also contained text baiting users to view a private message from an old friend wishing to get back in touch.

ITS was quickly alerted about the phishing scams and worked with Google to get the forms removed from the web.

This is not the first instance of phishing attacks at CWRU. One scam even included an accurate replication of the CWRU Single Sign-on page. When people logged their information into what they believed was a secure CWRU system, they actually typed their Network IDs and passwords into a spamming database.

There are many ways to tell if an email is a phishing message or a legitimate directive. Phishing emails usually have some standout qualities.

Most appear to be sent by legitimate organizations, but recognizing a few red flags will help to ensure that you are not spammed.  Phishing emails almost always contain requests for your confidential information.

Spam emails may contain a sense of urgency like, but not limited to, threats of account deactivations. Spam emails can also contain links that urge you, a little too desperately, to click on them. It may also contain a link that looks like it connects to a valid website but redirects to a spamming site.

To avoid the bad links, you can scroll your mouse over the link and the real URL will appear in the bottom corner of your browser or in a pop-up box. The biggest red flag is incorrect grammar and spelling.

Emails from ITS and CWRU will never ask you to provide both Network IDs and passwords. The ITS service desk may request your Network ID, but will never request your password. If you see one requesting both pieces of information, it is definitely a phishing email. ITS does contact users about their technology account, usually to remind users about password expirations.

If you believe you responded to or received a phishing email, please call the ITS 24/7 Service Desk immediately by calling 216-368-HELP. Make sure to change your password at help.case.edu.