What do Madrid, Spain and the Knox e-mail network have in common? Here’s a hint: in just the past three and a half weeks, 16 student e-mail accounts at Knox have been phished, according to computer center director Steve Jones. Associate director Steve Hall added that he was able to trace the perpetrators back to Madrid.
Fortunately, none of these accounts were permanently compromised, but in order to keep one’s personal information safe and to prevent Knox from being blacklisted, it’s important to know which messages in the inbox are legitimate.
“[A phisher is] someone who is trying to get you to provide them with information,” Jones said.
A phisher sends out mass e-mail messages that ask the recipient to respond with personal information such as one’s Knox username and password, credit card number or bank account number.
A phisher differs from a hacker in that “a hacker comes to your house and picks your lock and breaks in. A phisher asks you for your key,” Hall said.
If a phisher does gain access to your account, first they will “read your mail for other information that may be valuable to them,” Hall said.
This includes password reset e-mails, which is dangerous if you use online banking services. If a phisher notices the account owner is traveling out of the country, he or she will e-mail the account owner’s friend and say, “‘I’ve been jailed! The American Embassy won’t help me out, but I need $5,000 bail money. Can you send it Federal Express to some place?’” Hall said.
Then they will “put a forward on your account so that all of your mail is then forwarded to another address … [such that they] don’t even have to log into your account to read your mail,” Hall said.
Lastly, they will use your account to send out other, similar messages.
When the Knox mail server notices an account is sending out thousands of spam messages, the mail server will blacklist the account. This means any mail sent from the blacklisted account “will either be bounced or thrown away,” Jones said.
Students never even know their messages aren’t going through, as they will just disappear. If the issue isn’t resolved, the mail server could take more drastic measures: the entire school’s e-mail accounts could be blacklisted. This means e-mail going out to prospective students and potential donors may not be delivered, causing chaos that could have been easily avoided.
“Never send a credit card account number, never send a password. If anyone tells you your password is suspect or may have a problem, ignore anything in the mail and go to www.knox.edu/password [and change your password],” Jones said.
Some messages from phishers may have a link attached. If the URL does not end with “@knox.edu,” do not click it. You should have a different password for every legitimate online account (e-mail, Facebook, banking, etc.), and you should never write your passwords down, only clues that make sense to you.
A good password will have, “capital letters, lowercase letters, numbers, punctuation and nothing makes sense,” Jones said.
He suggested having a general format for your passwords with which to remember them better.
If your e-mail account is compromised, go to knox.edu/password, change the password immediately and contact the computer service center at (309)-341-7700. The center will lock your account until all traces of the phishers can be eliminated. Usually the accounts are back up and running in 24 to 48 hours.