Eastern Illinois University Homepage

Quick Links

• Change Password
  
• Computer Labs
  
• Outlook Web Access
  
• PantherMail
• PAWS
• Software Downloads
• WebCT

Audience

• Students
• Employees

  Services & Solutions

  • Account/NetID
  • Application Services
  • Information Security
  • Internet/Network Services
  • Mail Services
  • Mobile Devices
  • Panther Card
  • Policies
  • Recommendations For Purchasing New Techology
  • Safe Connect
  • Technology Resources On Campus
  • Telecommunications
  • Web Publishing

Phishing Scams Lead to Email Problems

Submitted: Fri, Sep 04, 2009 02:43 PM

While phishing scams are nothing new, everyone at EIU needs to be on the look out for criminals trying to trick them out of their usernames and passwords. Since January, colleges and universities have found their users under constant attack from Internet scam artist attempts to deceive users and EIU is one of them.

Each of these phishing scams look different. Some say users are over email quota, other say the email system is undergoing maintenance while others still say users have to verify their account information. However, one thing is the same.

All phishing scams ask for password information. Phishing scams are designed to allow email spammers to access accounts that cannot be traced to them. They use this stolen access to send out tens of thousands of spam messages to email accounts all over the world.

Not only does phishing create problems for the individuals receiving the spam, but it creates a large problem for EIU as well. It can take as little as one or two compromised email accounts to have an impact on EIU email users’ ability to send email off campus. In other words, the actions of one or two people on campus can negatively impact the operations of the entire University for days.

The reason is the prolific rate at which spammers send out email once they have access to EIU accounts. In as little as a few minutes, the spammer could send out thousands of spam messages. Once outside companies and ISP notice spam coming from an EIU address, they act to prevent all EIU email from reaching their systems to protect their users against spam.

While ITS is always monitoring for compromised accounts and signs of these spammers, it can take a few hours before staff notice any problems. By this time the spammer may have send out thousands and thousands of spam messages. Therefore, it is important that everyone avoid falling victim to phishing scams.

To help explain phishing scams and help provide information on how everyone can detect a phishing attempt, the ITS Information Security office has created a web page on phishing at http://its.eiu.edu/security/phishing.php. In addition, ITS is working to implement controls that will help limit the ability of spammers to send out messages as well as increased monitoring to help improve early detection of spammer activity.