Hundreds of spam, phishing and malware emails are sent daily to students and faculty, but only one to two of the malicious emails earn their way into the inbox every month.
IT Systems Administrator Solomon Seal manages the campus email servers, working to block these types of emails before they reach the inboxes of faculty and students.
“A phishing email is an attempt to collect information from a user,” Seal said. “This information could include login credential or other sensitive information such as bank information.”
By researching emails in large databases or breaching email accounts, scammers find ways to gain more email addresses in an attempt to access sensitive information.
Brad Kinder, the college’s information security administrator, works with Seal to configure the campus email servers.
He said scammers send emails from all over the world, constructing them in ways that a spam filter would miss.
Often, Kinder said the emails sent most are ones asking students or faculty members to enter their username and password to update their server or other information.
If a student or faculty member enters this information, both Seal and Kinder advise them to change their password and report it to IT immediately.
“Identify if what it is talking about is something that pertains to you,” Kinder said. “People will question something that identifies itself as a FedEx package and in trying to make the decision of whether it is real or not, I ask them if they’ve ordered anything recently that would go through FedEx. If they say no, then probably it’s not real.”
The campus experienced a jump in phishing emails at the end of 2015, prompting Kinder to send out a few warning emails.
“Over the past few weeks, and particularly the last few days, we have seen an increase in the amount of phishing attempt emails arriving into Franklin College email,” Kinder said in a December 2015 email. “We understand that it sometimes is difficult to distinguish a legitimate email from a phishing attempt. … Be very suspicious of emails regarding holiday deals. Phishing attempt emails often contain many spelling errors and poor document formatting. Be very cautious.”
Seal said these emails are common everywhere, especially for large-domain accounts.
“Report suspected spam, phishing, and malware emails to Microsoft and IT by marking them as junk in your email client,” Seal said. “Be aware – IT will never ask for your password. We will warn you when you need to reset or update your password. This should only be done via a [Franklin College] computer or on our website at password.franklincollege.edu.”