By Andrey Nalbantov | Published by October 13, 2021
Kean University students have been on the receiving end of a series of scam emails sent that began this past Spring and has continued into the Fall ’21 semester.
The perpetrators disguise their emails as if they are being officially sent out by Kean’s Office of Computer & Information Services (OCIS). The emails are made to look like official university documents to make students believe that they are important matters and should be taken care of immediately.
The main purpose of scam emails everywhere is for hackers to obtain personal information such as login credentials, credit card information, and potentially bank account details.
By clicking the link often provided with phishing emails, students are asked to enter their login credentials to verify account information. Once that information is used in the fake website, the account names and passwords fall into the hands of hackers.
To spot scam emails, there are a couple of things a Kean student should look for. As a starter are the links provided inside. For example, “tinyurl.com” or “bit.ly”.
According to Kathryn Zawodniak, a Desktop Support Student Technician from OCIS, no official entity from Kean would use those because they have their own website. Another red flag for potential scam mail is the email address used.
“Addresses that look right at a glance but aren’t when you look closely,” said Zawodniak. Such as email@example.com instead of firstname.lastname@example.org.
Students also should look out for poorly edited messages filled with factually incorrect information. In some cases, the fake emails sent out would not make any sense, like the expiration of an account for example.
“You’ve probably never heard of a “Kean ID” expiring — because it doesn’t,” said Zawodniak.
An example of a recent scam email attempting information theft was the conspicuous “Restriction placed on your Cash App” on Sep 8. The scammers were pretending as mentioned earlier to be OCIS Support.
The email included a link where Kean students would gain “access” back to their Cash App accounts. This fake email was sent out to faculty too. Some students who do not even have a Cash App account also received this same exact email because usually scams are sent to large numbers of people at the same time.
Here comes the question: What should a student do if they have opened a link and inserted their information in a potentially fraudulent website? As a starter, you should immediately contact OCIS and report the issue.
“We often take proactive measures to disable accounts that may have been compromised,” said Zawodniak.
Additionally, the affected student should immediately change their password and remove any unfamiliar devices that might have been signed into their account. An extra measure that can be considered is changing the passwords of other accounts in possession of the same student in case the passwords are the same.
How can students know if their accounts have been compromised? This can be divided into three steps.
A student should check their “Sent” tab to see if there have been any conspicuous emails sent from their email. Secondly, they should check if there are any new logged devices in their accounts. And lastly, they should look out for any unusual name changes.
Scam emails will continue being a potential threat and Kean University students and faculty are not exempt. Knowing how to look out and protect themselves from one should be an important aspect to keep in mind.