Please Don't Feed the Phish-- How to Recognize, Respond to Attempts on Your GEM Account

09/30/2013

Phishing outbreak.  Over the past few days several JSU students, faculty, and staff have fallen victim to “phishing” e-mails.  The effect of someone falling victim to a “phishing” e-mail is felt by both the individual user and all jsu.edu users. When one of our users is victimized, their JSU account is used to send a very high (sometimes upwards of 50k) number of additional “phishing” e-mails.  This causes our servers to become blacklisted and prevents the entire @jsu.edu domain from being able to send e-mail off campus.  The perpetrators always use foreign located computers to perform these tasks.

What exactly is a “phishing” e-mail?  Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity via e-mail.

There are many forms of these e-mails.  The recent e-mails had subjects similar to “Message From Administrator”, “Verify Your Account” and “Update Your Password”.  There are countless varieties of these messages.  They are designed to take advantage of the ill-informed.

We block hundreds of thousands of phishing attempts. JSU has an anti-spam/phishing filter that blocks 99.9% of all attempts sent to our users.  However, that .1% can be thousands of messages that were not blocked.

What to do if you receive a suspicious e-mail?  If you are certain that it is bogus, delete it.  If you are unsure, DO NOT ACT UPON IT except to forward it to gem-notices@jsu.edu.   Someone will contact you about the validity of the e-mail. 

What can be done by JSU Information Technology to stop this?  JSU’s Information Technology staff are making every effort to mitigate our users being victimized as described above.  An account only has to be compromised for just a few minutes to cause great harm.  Because many of these events occur over the weekend or in the early morning hours, it might take at least an hour or two to get an event stopped.   JSU Information Technology is currently reviewing all technical, training and policy options which will help prevent this type of activity in the future. 

Now, Do Your Part.  JSU users should NEVER send login credentials to ANYONE via e-mail or click a link in an e-mail that asks for your username and password.   The best preventative is you!