Spring Break
E-mail scam seeks student information
under guise of MySJSU
Jon Xavier
Issue date: 9/23/08 Section: News
|
Recently, however, some students have received a different sort of e-mail from people claiming to represent the university. The e-mail said SJSU was updating its database and e-mail center, and it would be deleting unused e-mail accounts, according to a bulletin put out by the CMS Help Desk.
Recipients of the e-mail would have to reply with their username and password in order to avoid being deleted, it said.
But this e-mail was not from SJSU. This e-mail was a scam.
The scam, called "phishing" by the University Help Desk, uses mass e-mails and fraudulent Web sites to trick users into surrendering personal information that the scammers can use for malicious purposes.
Phishing is common on sites like eBay and MySpace, but some students were surprised that such a scheme would be used against a university.
"I've heard of e-mail scams, but I've never heard of any e-mail scams hitting colleges like that," said Dan Kouba, a junior photography major. "It seems kind of unreasonable."
"Why would they even want access to that? It's not like they can get any money from you," said Danielle Vlkovic, a senior creative art major.
E-mail scammers can use the information gained from the scam to uncover more information about the users affected by it, according to the help desk Web site. And, since many Internet users use the same passwords for several different Web sites, the damage might not be limited to just the site to which the scammers gain access.
There are a few steps students can take to protect themselves from e-mail scammers.
Students should always be suspicious of e-mails asking for personal information, particularly those from organizations that should already have that information, according to the University Network Services. Students should never use links provided in such e-mails, and should go to the Web site directly instead.
Many phishing scammers change the text in the link to look as though it would take a user to a legitimate Web site, even though it actually leads somewhere else.
A lock symbol in the status bar, meaning that the Web site has been "secured," is generally a good sign, but students should be wary of trusting such sites completely, according to University Network Services. Many scammers actually purchase legitimate secure certificates for their Web sites in a bid for believability.
University Network Services recommended that students verify the certificates and ensure they trust the company issuing them.
Representatives from the University Help Desk declined to comment on the e-mail scam.
Jen Antonucci, a junior marketing major, said she still trusts that the information she gives the school is secure.
"I haven't really had a problem with it," she said. "But I don't really use my e-mail for that. I use my personal e-mail instead."
At least one student, however, said that scamming made her think twice about the security of the university's system.
"I thought it was pretty secure," said Vlkovic, "but now I'm not sure."
Be the first to comment on this story