Over 40 students affected by phishing emails were urged to visit I.T. and change account passwords

Waverly Hart
News Editor

Over fall break, College of Wooster students’ school email accounts were targeted by phishing scams. Many students received emails asking them to click a link to give their username, password and other information.

Once a student or employee clicks on the link and enters their information, the phishing site can then send out more emails using that student’s email address. Consequently, many phishing emails that appear to be from a Wooster student have been sent out to the student body.

According to Vince DiScipio, the director of technology services, this is a dangerous cycle.

“Once they get one person’s username and password they can send out emails from that person. Then students start to get emails from a name they recognize, and they’re more likely to click the link,” DiScipio said.

In an email sent out by Information Technology (I.T.) on Monday, they stated that the phishing campaign had been successful in harvesting at least 41 usernames and passwords. Once students enter their usernames and passwords, people on the phishing site can then use these accounts to spam globally. In response to the active phishing campaigns that have been plaguing students’ email accounts, I.T. has taken precautions to help ensure that students’ email accounts are safe.

“Over the weekend, members of the I.T. staff set up rules to stop the delivery of further phishing emails and used Microsoft’s tools to remove delivered phishing emails,” DiScipio wrote in an email to all College of Wooster students.

I.T. has put in additional filters to try to prevent and delete the phishing emails before they can get into students’ accounts. Additionally, they have disabled the affected students’ accounts from being able to send emails to people outside of The College of Wooster.

DiScipio said that students should be wary of emails with poor grammar and typos, as these are some of the things indicative of a phishing email. Students should also make sure to hold their cursor over the link without clicking it, so that they can see the URL the link will send them to.

I.T. is working with the users who have been affected by the recent phishing campaign. DiScipio urges any student that gave their username and password to go to I.T., located on the fourth floor of Morgan Hall. Affected students should change their college account password.