On Campus

Outdated Protocol Responsible for Phishing Spam

During the last few weeks before students left for summer break, several of them received phishing spam to their university e-mail accounts, partially due to out-of-date e-mail protocols. Samuel Josuweit, of network services, said that the messages were generated by virus-infected, off-campus computers. “The virus uses e-mail addresses harvested from the infected computer as targets and sources.The e-mails requested students’ usernames and passwords. Of the 12,000 student e-mail accounts, about 600 of them received the spam, and only 6 of them responded to it. Because of the anti-spam system, those responses were redirected to the tech help desk instead of the spam harvester.Bloom technology currently uses extensive anti-spam and anti-virus filtering that rejects 70 percent of inbound e-mails. “For security reasons, I can’t really go into the details of any filtering processes we use,” said Josuweit, “but they are adapted on an as-need-basis.”Josuweit said that on average, those filtering processes block about 540,000 messages a month.

If a student gives up an e-mail password through a spamming scam, any information that comes into the account becomes insecure. This could include personal information through communication with companies like Amazon, Paypal, and FASFA.

E-mail protocols used by the entire world were developed in the 1970s.  “Security and verifying the senders ID were not taken into consideration back then. Until the internet standards committee ratifies a more secure e-mail protocol we will have to live with spam messages,” said Josuweit.

He provides several points of advice for students to avoid the negative results of spam:

1. Never e-mail a password to anyone. We will never ask for a password, pin or anything else via e-mail.

2. Never install software or run an attachment unless you know it’s from a trusted source.

3. Make sure you keep your computer to-date with the latest software updates. Use automatic updates where possible.

4. Make sure you have up-to-date anti-virus software installed.

5. Last of all, use common sense.




Comments are closed.