By Sarah Wali and Nicholas Gerda
AUC’s technology services has issued a warning to faculty and students against a phishing scam that appears to be coming from their office. The scammers are using the University Academic Computing Technologies’ support email to ask for user passwords.
“They are trying to get you to tell them an account number and a password for some particular use,” said John Stuckey, AUC Chief Technology Officer.
“This message is from aucegypt.edu messaging center to all email account owners. We are currently upgrading our database and e-mail account center. We are deleting all unused accounts to create more space for new accounts,” reads the email.
“A lot of people use the same password for all their accounts. So if I use the same password for my bank account as I do for my email account, they might use it to break into my bank account,” Stuckey added.
While the email appears to be sent from email@example.com, an address to the UACT department, replies sent from faculty to the email were traced to a different address: firstname.lastname@example.org. The same address sent phishing emails in October and November to other universities around the world including Pacific Lutheran University, University of Waterloo and Trinity College Dublin.
A phishing scam involves fraudsters asking for personal information such as account numbers and passwords. They then use this information to either steal money or identities. Their emails seem legitimate because they come from a reliable and trusted source.
“The people who do this try to find the most plausible things they could make, so that they appear to be legitimate,”
Stuckey warns student against giving out email passwords. He stresses that no institution will ask users for their passwords. Anyone who is looking for email passwords could be aiming to hack into the user’s bank account.