Email phishing scam attacks SHU accounts
A broadcast email sent to Seton Hall community members on March 18 warned of an email phishing scam that has recently affected several people within the University.
According to the message from Daniel Svitavsky of Information Technology Services, emails with the subject “MailBox Quota Exceeded” were from an address outside the University with a link to an outside web address.
“While we are constantly updating and improving our anti-spam countermeasures, a small amount of spam, including some phishing attempts, do occasionally get through,” Stephen Landry, chief information officer of IT Services, said.
Phishing scams, which often appear to come from a bank, the University or someone familiar, are created to trick people into giving out personal information such as passwords, credit card numbers and Social Security numbers, which are then stolen by identity thieves, according to the broadcast email.
The University has a spam filter which prevents 95 percent of spam of this type from reaching users’ inboxes, according to Landry.
Further delivery attempts are being block and existing messages that have been delivered are being deleted.
According to the University’s IT blog, one should never send sensitive information such as passwords, credit card information, birth date, or banking information through email. When in doubt, recipients should contact the Help Desk and not click any links in the email or respond if they do not look familiar.
Many fraudulent emails sent to the University try to imitate popular websites in order to trick the recipients into giving out information.
The attackers use information for many types of fraud, such as credit card fraud, withdrawing from the victim’s bank account or even providing the victim’s information if the attacker is ever arrested, according to IT Services.
According to the blog, the University will never ask for information such as Social Security Number, date of birth or password via email.
Charlotte Lewis can be reached at email@example.com.