Posted August 23, 2017 by Academic and Institutional Technology
Wheaton College Being Targeted by Nefarious Hackers in Africa
Recently, a series of phishing emails was sent to our campus through compromised employee accounts. These emails appear to come from a legitimate “Wheaton.Edu” account, and each of them prompts you to open a hyperlink.
These emails are phishing attempts. Wheaton College is being targeted by a team of nefarious hackers located in Africa. Do not click on the link. Thank you to all who reported these scams, because your vigilance allows us to quickly catch these attacks and warn the College community.
Unfortunately, more than 25 staff and faculty members clicked on these malicious links and entered their account information. This has allowed the spam to keep being sent from those accounts and has given the attackers Wheaton College credentials that can be used to access financial details and other sensitive information. In addition, anyone who uses the same credentials for other online accounts (e.g. banking, Netflix, etc.) has also given the attackers access to those accounts.
For more information about the recent phishing attempts, read “Pishing Attempt | Memo from HR Department.”
What is phishing?
Phishing is a type of internet attack that aims to steal usernames, passwords, credit card numbers, Social Security numbers, and other sensitive data. Phishing attacks are carried out by someone masquerading as a trusted source.
Hackers responsible for phishing scams often target institutions like Wheaton College because of our size and our institutional identity. Phishing emails are usually targeted toward specific populations such as students or employees. Sometimes, scammers even go to elaborate lengths such as including the Wheaton College logo, changing the send address to look like it was sent by a College department, or creating a web-page that looks like the Wheaton website or Portal.
By tricking campus users into giving their information away, attackers can:
- Perform identity theft by running up credit card charges or opening new accounts
- Steal money from victims by modifying direct deposit information or draining their bank accounts
- Use employees' credentials to access other campus systems and steal confidential College data
- Send additional spam from compromised email accounts
Why is it important to understand phishing?
Phishing attacks are an ongoing threat to campus, and they are becoming increasingly convincing and sophisticated. Successful phishing scams can put both you and others at risk for financial loss or identity theft.
Each person at Wheaton College is responsible for protecting their own College credentials and keeping them out of the hands of malicious hackers.
What can I do to avoid phishing attacks?
- Never send your passwords to anyone over email.
- If you’re suspicious of an email or worried about an account, call the organization that maintains the account (such as AIT or your bank).
- Hover over a hyperlink (don’t click it!) to reveal the actual URL; the text of a link and the address it really opens can be completely different. Don’t click the hyperlink unless it goes to a URL that you trust.
- Look at the sender’s email address: does it match the text of the email? Does it match the organization it claims to come from?
- For example, all Wheaton College emails come from an @wheaton.edu or @my.wheaton.edu address. A matching address is not proof on its own, however: the recent messages came from compromised @wheaton.edu accounts, and a sender address can also be forged, so still check the link before you click.
- Keep your computer and mobile device software up-to-date
- Check the address of a website before entering sensitive data. It should begin with https://, and browsers such as Google Chrome show a padlock symbol in the address bar when the connection is encrypted. The padlock only means the connection is encrypted; it does not mean the site is genuine, so also confirm that the domain is the one you expect (for example wheaton.edu, not a look-alike). If the site is insecure or the domain is wrong, do not enter your personal information.
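The link and sender checks in the list above can be done by a machine as well as by eye. The following is an added example, not code from the original post or from AIT: it reads one constructed sample message (not a real campus email), checks the sender domain against the two College domains the post names, and then applies the “hover to reveal the real URL” test to every link by comparing the address shown in the link text with the address in its href. The trusted-domain list and the sample message are assumptions for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domains the post says College mail comes from. Assumed allow-list for the
# example only, not an authoritative one.
TRUSTED_SENDER_DOMAINS = {"wheaton.edu", "my.wheaton.edu"}

# Constructed sample message (not a real campus email). The sender is a
# College address, as in the recent campaign, but the first link's visible
# text shows a College URL while its href points somewhere else.
SAMPLE_EMAIL = """\
From: Human Resources <hr@wheaton.edu>
To: staff@wheaton.edu
Subject: Memo from HR Department
Content-Type: text/html; charset=utf-8

<html><body>
<p>Your account will be suspended. Please <a href="http://wheaton-edu.example.net/portal">
verify your account at https://portal.wheaton.edu/login</a> within 24 hours.</p>
<p><a href="https://www.wheaton.edu/ait">AIT help page</a></p>
</body></html>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            visible = " ".join("".join(self._text).split())
            self.links.append((self._href, visible))
            self._href = None


def domain_of(url):
    """Lower-cased host of a URL, or None if the string has no host part."""
    host = urlparse(url).hostname
    return host.lower() if host else None


def is_trusted(host):
    """True if host is one of the trusted domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED_SENDER_DOMAINS)


def analyze(raw):
    """Return a list of warning strings for one raw RFC 822 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    warnings = []

    # Sender check: the address the mail claims to come from.
    sender = msg["from"].addresses[0].addr_spec if msg["from"] else ""
    sender_domain = sender.rsplit("@", 1)[-1].lower() if "@" in sender else ""
    if not is_trusted(sender_domain):
        warnings.append(f"sender domain {sender_domain!r} is not a College domain")

    # Link checks: where each link really goes, and whether the text agrees.
    body = msg.get_body(preferencelist=("html", "plain"))
    parser = LinkCollector()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.links:
        target = domain_of(href)
        if urlparse(href).scheme != "https":
            warnings.append(f"link {href} is not https")
        if target and not is_trusted(target):
            warnings.append(f"link {href} leads to untrusted host {target}")
        # The hover test: a URL written in the visible text that disagrees
        # with the href is the classic sign of a disguised link.
        for word in text.split():
            shown = domain_of(word)
            if shown and shown != target:
                warnings.append(f"link text shows {shown} but href goes to {target}")
    return warnings


if __name__ == "__main__":
    for warning in analyze(SAMPLE_EMAIL):
        print("WARNING:", warning)
```

Note what the sample shows: the sender passes the domain check, exactly as the real messages did, because they were sent from compromised @wheaton.edu accounts. The link checks are what catch it: a non-https link, a host outside the College domains, and link text that names a College URL while the href goes elsewhere. The second link, to www.wheaton.edu over https, produces no warning.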
How do I identify a phishing scam?
The first and most important rule: Never give out personal information in an email. No reputable institution will ask for confidential information via email.
While it’s not always easy to recognize whether or not an email or website is legitimate, there are tools to help you discern what is safe:
- In an email, you might see prompts to “verify” or “update your account” or “failure to update your records will result in account suspension.” If you have already provided your information to credible organizations, they should not ask you to re-enter it. Do not fall for this trap.
- Phishing attacks often communicate a sense of urgency, in order to convince you to act immediately and click on a link. Be wary of any unexpected email that demands immediate action.
- Any email that asks for your personal information should raise your suspicions. Even if the email has official logos or links to a legitimate website, it could still easily be fraudulent. Never give away your personal information.
Phishing attempts can also happen over the phone. Be wary of unexpected phone calls, and verify who the caller is before giving out any information. Social phishing occurs when a person pretends to be affiliated with an institution in order to gain access to confidential information.
Often, the scammer will contact a specific individual in person, over the phone, or via email. Because the contact is person-to-person, the target tends to be less suspicious. Always double-check someone's credentials before giving them more information. If they're legitimate, they'll understand and appreciate your caution.
Recovering After a Scam
If you think you might have fallen for a phishing scam, you should take the following steps:
- Change your password immediately. If you use the same password for any other accounts, change those passwords as well, and check your Sent folder for messages you did not write, since compromised accounts are used to send more phishing.
- Report any emails you received as part of the phishing scam to Academic and Institutional Technology
- If College data could have been compromised, contact us and let your supervisor know what happened
- If personal information (such as driver’s license, Social Security number, or passport) has been given to the scammers, you are a victim of identity theft. Contact Public Safety and Academic and Institutional Technology for assistance.
- Watch your accounts for any unusual activity.
For more information about phishing scams, we recommend watching “Avoiding Phishing Scams." This training video is about seven minutes long and provides an in-depth look at how to recognize and avoid phishing scams. If you aren't already logged in, you may be asked to sign in to Lynda.com.
Always exercise caution when responding to emails. If you're not sure whether an email is a phishing attempt or not, contact us by email at firstname.lastname@example.org or call 630.752.4357 (HELP).