Spring 2024 has brought an onslaught of predatory phishing emails designed to harvest information from the SRU community. Students claim this affected their trust in legitimate SRU emails.
The issue has persisted for years as threats become increasingly sophisticated.
Lately, “social engineers” have been obtaining login credentials from various places on the internet to gain access to SRU email accounts.
An email will take the form of SRU administration or a student and claim the recipient’s account is about to close. As a result, students have given out their addresses, phone numbers, the last four digits of their social security numbers and more.
“[S]cammers then use this information to commit identity theft,” an official SRU communication said.
Interim associate provost and director of Information and Administrative Technology Services (IATS), Henry Magusiak, said the school is not aware of any breach of SRU’s internal systems and that it can be hard to pinpoint how social engineers obtained these credentials.
“It could be from many companies,” he said.
The IP address of the emails is located in Russia, according to junior computer science major, Layne Burkhead, who traced it.
“It’s probably just some Russian dude trying to make money,” he said.
Last week, an email asking recipients to click a link was sent from the account of graduate student Thomas Abraham.
He claimed he does not give out sensitive information and is unsure how this happened.
“I don’t even have social media except TikTok [be]cause of scams and fake accounts,” Abraham said. The school did not directly contact him regarding this issue.
“I was unaware that an email was sent from my account,” he said.
Additionally, senior Abby Royer received an email saying her school Microsoft account would be shut down if she did not take the necessary steps to prevent it.
“It seemed legit because it was an SRU email,” Royer said. “I didn’t want to deal with the stress of losing everything on there.”
She contacted the Help Desk through email and voicemail but did not receive a reply, aside from a mass SRU communication nine days later.
“I’m not sure if the school even fixed my problem or if my identity is stolen and being used on the dark web,” she said.
According to Magusiak, the department has been in contact with some students about the issue but has not spoken to all of them.
“It’s been difficult dealing with it, it’s been taking a good bit of our time,” Magusiak said. “We don’t want this to happen more than anyone else.”
He also said that the school uses software to detect account information that exists on the dark web and will alert students accordingly.
“SRU’s Information and Administrative Technology Services is mitigating the attacks by disabling the compromised accounts and removing the phishing email, but some attempts might continue to occur,” the mass SRU communication said.
It also claimed the school will never ask students for their passwords via an emailed link.
Magusiak said there is a national pattern where phishing greatly increases at the start of new semesters due to new students and increased anxieties about account access.
“You’ll see online there are a lot of other campuses talking about it,” he said.
Once information is given to the social engineers, IATS does not have a way to retrieve it.
“If there’s anything relating to money or social security, you would want to call campus police,” Magusiak said.
He urged for more education and awareness around these scams.
“Right now we’re trying to get the message out so that this stops happening…we have to work together,” he said. “We want to do whatever we can to protect you guys.”
Individuals who have been hooked by a phishing scam can contact the Help Desk at 724-738-4357 or helpdesk@sru.edu.
Those concerned about financial or identity theft can contact campus police at 724-738-3333.
