Canva

This past summer, Madison College students and staff received notices from the college about increased phishing activity targeting college accounts.
The message outlined what phishing is, addressed some recent forms of phishing that have been reported and offered actions to take if you receive a suspicious email.
Cory Chrisinger, the college’s chief information officer, and Jesse La Grew, the chief information security officer, said phishing is a form of “social engineering.” Its goal is to trick or pressure people into doing things that they would otherwise not do.
Much of the time, phishing attacks are about money, LeGrew said. However, money is not always the goal of phishing. In a college setting, phishing emails are sometimes used to gain access to college systems or resources. Scammers may use the gained access to perpetuate their operations.
Madison College is not the only phishing target. Public higher education, because of the number of emails and the openness of widespread communication, is a more vulnerable target for these attacks.
“Groups are specifically targeting Madison College and its population, likely because they’ve had some success,” Chrisinger said.
Phishing perpetrators research the communication styles, structure and working of higher education so they can better disguise their efforts. “It is a pretty dialed in process on their side,” Chrisinger said.
However, phishing does not go unchecked. Through the college, students use Microsoft Outlook.
“When you click on something it gets checked by Microsoft … same thing with attachments, it’ll try to scan that before it is even delivered,” La Grew said.
Although these and other protections are in place to protect students there is an ever-present battle between the scammers and cybersecurity professionals to gain the upper hand.
When you see something in your inbox that you think may be phishing, Chrisinger and LeGrew want you to report it. Reporting helps the college’s IT department identify and remove current phishing emails, better protecting students from these threats.
To limit the spread of phishing emails, the IT department is limiting the number of recipients per email to a maximum of 50. Emails that serve departments, other selected organizations and WolfPack Connect are exempt from this policy. If there are any issues or a need to send larger emails, the IT department will help.
According to Chrisinger and La Grew, the most significant thing when identifying phishing emails is the sense of urgency. This is a tactic that scammers use to pressure people into giving into their scam.
If the email gives you the feeling that you need to respond immediately, that is a bad sign.
Emails from unknown senders may also pose a risk. If you are ever unsure about the origin of an email, visit the group’s website and use the websites’ listed contact information to reach out.
For anyone who is a victim of phishing, the best thing to do is reach out. The IT department has resources and contacts that may be able to help you. If a crime has been committed, contact Public Safety, who will know the appropriate law enforcement avenues.
Anyone interested in learning more about phishing can contact the Madison College Libraries and ask about their resources.