Friday, August 22, 2008
For the first time, the KU Information Technology Security Office sent an e-mail alert to all University faculty and students Aug. 4 that warned of a spear phishing e-mail targeting KU network users. The e-mail directed KU network users to verify their usernames and passwords to keep their accounts from going dormant.
Bill Myers, director of assessment and outreach for Information Services, said the office received reports of e-mails appearing to come from “KU Online Services” with an address of onlineservices@ku.edu and a non-KU reply address.
Julie Fugett, information security analyst for Information Services, said this was the first e-mail warning the office sent to avoid filling the inboxes of University students and faculty.
breakbox
Phishing is a fraudulent e-mail that looks like it was sent by a legitimate business to get the recipient to give out private information.
Spear phishing is a fraudulent e-mail targeted at a specific person that looks like it was sent by a person or organization familiar to the recipient.
“You cry wolf too many times and people will be like, ‘there they go again,’” Fugett said.
Myers said the office received hundreds of reports a week of phishing messages and thousands of attacks on the University’s network.
Fugett said some people even reported the office’s alert e-mail to abuse@ku.edu as spam.
“People really hate getting these things,” Fugett said. “They get tired of it.”
Fugett said fewer than 10 people replied to the last spear phishing message, which the office considered a threat.
Fugett said spear phishing messages were first reported to the office last March. She said each round of phishing attacks looked a little different.
“Since people change their tactics, we are playing catch-up to update our defenses,” Fugett said.
Fugett said after four to five reports of a specific phishing message, she would begin to draft an alert to post at the office’s Web site, www.security.ku.edu, and its beseKUre blog site, www.besekure.ku.edu.
Links to the security alerts are also posted on student portals and occasionally on Outlook Web Access.
The office works loosely with the University Privacy Office to handle phishing and spear phishing messages and their potential threats. Jane Rosenthal, privacy coordinator and custodian of records for the privacy office, said her office handled University information security issues.
“Security and privacy go hand in hand,” Rosenthal said. “If there were a phishing message of some flavor and it gave out University information, we would step in.”
— — Edited by Kelsey Hayes
Text message scam targets students
A mass text message sent on Feb. 1 was quickly determined to ...
University e-mail accounts attacked by fake KU ...
The IT Security Office is formulating how to stop the scam e-mails, ...
Workshop teaches warnings signs of cyber scams
Phishing scams have Internet users on edge.
University promotes students’ cyber security
KU Information Technology is encouraging students to recognize and protect themselves from ...
Facebook accounts pose dangers
Incriminating information online can both endanger student security and harm future career ...
E-mail frauds target University students
Many students received e-mails from somebody posing as a representative from the ...
Keeping personal information from cyber crime
Personal information can be accessed by hackers and thieves in an instant ...
Financial aid office apologizes; plans new e-mailing ...
Users abuse Facebook
University warns of possible hacking
Your name, birth date, social security number and credit card number could ...
University e-mail working
Students and faculty can now access KU e-mail.
University sends out swine flu warning
KU officials hope that new swine flu education will keep students healthy ...
On-campus e-mail gets facelift over break
KUIT is nearing completion on a server-move and client updates.
Outlook accounts may feature Gmail technology
The application could provide a new format and more space, but KU ...
University to test emergency text message system
Students and faculty will receive a test message noon Wednesday.
Personal data again left unsecured
Expanded inboxes to allow more e-mails
Last Wednesday, Information Services announced that students’ e-mail mailboxes had been increased ...
Emails lost due to incorrect labeling
Last night two of the spam/virus servers for the University experienced a ...
Think before you tweet
Social networking sites can provide too much personal information for others.
University warns students about phone scam
Someone posing as a KU employee has reportedly been calling students and ...
Students can receive text alerts about late ...
KU on Wheels has developed and implemented GPS to track bus performance ...
University implements communication system
The University of Kansas is working to implement Message Blox, a system ...
Text messages will alert students
Beginning today, students can sign up to receive text messages from the ...
New password policy is in effect at ...
Technology troubles affect campus
Before being resolved late Wednesday, a hardware failure produced problems for faculty ...
Administrators focus on campus safety instead of ...
The Northern Illinois University shooting hasn't affected KU's policy.
Stewart: Why we should receive texts for ...
University changes to new, more secure wireless ...
Before using the new network, all users need to reconfigure their wireless ...
KU Safety Office investigates fake classified ad
An ad that has appeared in The University Daily Kansan may leave ...
Students can now get transcripts online
Registrar’s Office now allows for students to request and obtain their transcripts ...
Letter: Rally e-mail should not be called ...
Facing the music
For 13 students sued by the music industry, the risks of illegal ...
KU Information Technology promotes Hawk Drive to ...
Previously available only to faculty and staff, the service promises one gigabyte ...
On-campus emergency alert system will be tested ...
An alert tone and test message will be heard both inside and ...
KU works on improving cell phone signals
The potential plan with phone carriers could help eliminate dead zones and ...
E-mail gives career counselors advice
E-mail gives career counselors advice
From left: Kimberlee Hinkle, Libby Johnson and Hannah ...
1 comment
Kansas Jayhawk fans hold aloft a reproduction of ...
2 comments
Erin Saupe, a Ph.D. student from St. Cloud, ...
1 comment
0 comments
Armed robbers continue to threaten.
3 comments
Lecture from Greg Mortenson, co-author of New York ...
0 comments
Comments
Use the comment form below to begin a discussion about this content.
Sign in to comment
Or login with:
OpenID