It’s a well-known fact that the internet has changed the way the universe is connected. It has done so much good for many people, yet, it has also done as much bad for just as many. It has become jet fuel in an increasingly globalized world, but since most people have all their information digitized, it has opened the door for the few who carry bad intentions with them when they turn on their computer. Drake University experienced the negative side of the internet during a phishing attack last week.
According to the Infosec Institute, phishing is an attempt by a fraudulent party to steal personal information from an innocent victim through digital means (i.e. message, email, etc.). The fraudulent party pretends to be from a website, institution or business that the victim has most likely used before. Phishing has been around since the early 1990s when a group of hackers became the first phishers, calling themselves “the warez community.” While their initial method of phishing was identified and shut down, the warez community moved onto new methods and continue to phish into the present-day.
Drake University recently found themselves victimized by phishing hackers. I talked to student technician and computer science major Hannah Horowitz to get a better understanding of what happened. According to Horowitz, the incident happened around 10 p.m. in the form of an email to Drake accounts and affected at least 300 students. The phishing email looked like it came from someone you knew with an attached link that needed to be clicked on to see the content, which would then direct the person to questions where they would give out their personal information; where it would inevitably be stolen by the hackers. Horowitz also had some advice for students who are worried about phishing attacks in the future.
“If you get an email you find suspicious just don’t click on the link, and never give out personal, private credentials,”Horowitz said. “If you do click the link, make sure to change your password right away.”
While Horowitz doesn’t believe phishing attacks happen on a regular basis, she did say Drake faculty are sent fake phishing attacks by the IT team so they can identify it when it happens.
Personal research into how law enforcement and other government agencies are attempting to combat phishing proved fruitless. Both the FBI website and the National Institute of Standards and Technology (NIST) only described what phishing is and gave their own protection tips. There was nothing discussing what steps they were taking to ensure phishing occurs in isolated incidents, nor did they say what policies they were taking into Congress to keep people as safe as possible when they go on the Internet. For now, all there is to do is tread lightly when surfing around the Internet, use common sense and be as safe as possible.