Editor in Chief
It’s happened before and they’re here again: Fraudulent emails are targetting students and anyone with an @plu.edu account.
In the last few weeks, the Pacific Lutheran University Help Desk has been receiving reports that email alerts disguised as Instructional Technology Services emails were sent to students explaining that their account would be frozen if they don’t confirm pieces of information.
The questions include the student’s name, email, phone number and ePass password.
It is important for students to know and understand that the Help Desk has a policy against and will never email them for personal information. All account issues and handlings will be done through the ePass site or in person if a student needs help from ITS.
Phishing emails are emails meant to trick users into revealing sensitive information, according to the Help Desk blog. They describe the emails as a masqueraded email coming from a fake official source, claiming to either have important information or claiming a user’s “account will be terminated” unless they give their password and other information.
“As noted on the blog, the most important thing we can do to render these waves of “phishing” emails ineffective is to educate our community of the signs of a “phishing” email, such as: spelling and grammatical errors, odd punctuation, or vague and strange claims about your account access or storage capabilities,” Help Dest Technician Student Supervisor, Cassandra Gramstad said.
PLU students are being targeted because the school accounts are all linked. Therefore, when the group sending out the fraud emails obtains someone’s login information, they will have access to thousands of other student’s emails and can then try to contact them as well.
“All of the fraudulent emails that are going out are the result of spammers who have gained access to PLU emails,” Gramstad said. “These emails occur when the account in question is compromised, as PLU accounts all have the ability to send out emails to hundreds of other PLU accounts.”
Once a student’s account has been hacked, it seems the spammers are using the accounts to spam more people. Once the spammers have a sufficient number of accounts stocked up, they can start sending out spam emails to other people. Often times ITS will cleanse an account and find that it has been altered to look like a bank or a school or a credit union, according to the Help Desk alert published Feb. 9.
If you or someone you know has been targeted by the scam, contact the Help Desk or ITS at 253-535-7525.