Updated: Nov 28
It was near midnight and I was just about ready for bed, until my phone’s abrupt vibrations caught my attention. Messages from students and professors flooded my notifications. Once I opened the message, I received a suspicious box requiring me to type in my password in order to view the content. Unaware, I complied. Instead of getting content, I was sent to multiple ads demanding my email. The next morning, my laptop froze and announced that it was in danger of being damaged due to a detected virus.
Since the beginning of the Spring semester, many professors and students have received questionable messages that are potentially causing software viruses. Many individuals on campus have questioned, where is this coming from?
According to Paubox.com, the most common way emails get hacked are through phishing schemes... phishing is usually done by sending out an email that looks legitimate and sends the recipient to a fake website and has them enter credentials to “verify” information, which is then stolen.
The unknown hacker is known to send groups of emails to student/professor’s inboxes in attempt to hack. The actual emails can not harm accounts or software alone, the idea is to get the reader to verify their information by typing an a password. Once giving the password, the recipient leaves themselves open to be attacked.
“ I would receive those weird messages like five times a day. I never opened them because I felt uncomfortable opening them. But, once I came really close to giving in because the email came from my professor. I started questioning whether if all the emails I got were actually real,”said, Karyme Rivera,19, Childhood Education Major.
“Man in the middle attack” is another form of email hacking. The hacker finds access to past sent/received emails and utilizes the email address from communications to further legitimize their hack prone emails.
“The phishing emails all started by having a student click on a link from a email received from a friend, a professor. It looks like it’s from a friend, faculty member or classmate, that has a link with a blue box saying “click here for more information” or “explain more about this information,” or “read more about this topic.” Once clicking it, the email asks the students to log in their password or username. Once they capture it, they go into their mailbox , log in from the outside and then take other students from their class, or from their distribution list and starts to email them under the students account that has been compromised .
When a student receives an email from somebody that he knows, he doesn’t think it’s a phishing email. Once the student clicks on the link, other students’ accounts get compromised and this is how it spreads. As it spreads, the hacker can send emails using the compromised account without the owner seeing the sent emails” explained Riad Hammoudeh, Manager of Technical Services.
There are multiple ways to identify whether if the email received is real or fake. (1)If a received email is from a familiar student or professor and the content is an ad. (2) If an email requires any form of verification. (3) If the email has a subject reading: (re: System Glitch).
“We are trying to protect the accounts of students. We have been monitoring the emails.We have been working with Microsoft Office 365, to minimize those messages. If microsoft sees a student sending too many emails in a short amount of time, they block the account and inform us. We then contact the student to help them reopen the account with a new password. Even if we kept the compromised account blocked, the cycle continues because students are still answering these phishing emails,” continued Hammoudeh.
“ The cycle continues because students are still answering these phishing emails.”
“ The real problem is education. The students need to be able to identify these kind of emails. If you give your password to the link, the hacker can enter your account and read your messages and access your contact list. Most of the time, people use the same password for all of their accounts. So, the hacker will use that password and try to access social media and bank accounts. It’s important not to have the same password for every account,” said David Zambramo, Associate director of administrative computing.
According to Www. Cyclonis.com, 83.15% of Americans said they use the same password for multiple sites.
PCCC has been taking many steps to inform the students the importance of protecting their information by sending warning emails and holding info-sessions to further educate them on the matter.
I dove head first in the world of hackers and the dangers they bring. The possibilities that can take place when your information is at risk is endless. After speaking with PCCC’s IT department, I took the necessary steps to restart my laptop and change my password. I would never want to feel the anxiety of feeling compromised again. I can only hope my fellow PCCC students and staff understand the threat they can potentially endure when answering an email with negative intent.