By Kait Bedell & Hanna Babek – News Editor & 1851 Contributor
In recent weeks, the community has received several emails from campus police and the IT department warning students, staff and faculty members of recent phishing emails.
The scam emails have messages which look like they are coming from different community members which talk about possible “termination” of student accounts. The emails prompt students to share personal information on a Google form to “resolve” the issue.
IT Department Director Wiktor Jozwik says Lasell uses the Microsoft 365 system for security, which detects most phishing emails before they even reach the students. He says only about one percent of the phishing emails make it past the security system and into students’ inboxes.
In order to identify a phishing email, Jozwik said students should make sure there is a valid reason to be receiving that email. If there are spelling errors or the format looks different, the student should call the office the sender is impersonating and ask if they had sent out an email.
“A little bit of awareness goes a long way,” Jozwik says.
When it comes to these emails, Jozwik said to confirm that they are legitimate before interacting with them. If something about the email looks different than usual, Jozwik says the best way for students to stay safe is by sending the email to IT to determine its trustworthiness.
The IT Department is using what Jozwik calls the “two pronged approach” to handle these emails. IT has escalated the technical aspect of protecting students by enabling two factor authentication, which prompts students to confirm their identification through a code received by text or a phone call. Per Jozwik, this caused a “huge reduction” in the number of malicious actors gaining access to students’ information.
Although Jozwik said the “two pronged approach” is effective in protecting the community, students have expressed frustration with this.
“I personally hate it because it always logs me out and it’s a nuisance especially when I really need to check my email quickly,” sophomore Maddie Sewade said.
The other half of the approach is education-based. IT is planning training campaigns and initiatives to raise awareness in how community members can protect themselves.
Jozwik emphasized the most effective way to avoid being tricked by these emails is to be careful. He says, “If you have any reason to suspect an email, send it to IT, we’ll look at it, we’ll let you know.”
Detective Lieutenant Richard Heslin said Campus Police and the IT Department monitor nationwide and local alerts of scams such as these.
“As a community, it’s important to report suspected phishing emails to IT immediately and monitor individual accounts for suspicious activity,” Heslin said.
Heslin said although technology is used regularly by the university, he thinks the benefits of it outweigh the risk of “falling victim” to phishing scams.
“It’s important to remember that phishing emails exist and are used because they do work,” Heslin said. “If you fall victim to a phishing/scam email while on campus don’t be embarrassed about it, contact campus police or IT and we will help you work your way through it.”