Student email accounts targeted, compromised

The university’s Information Technology department released a statement Monday warning students that over the weekend accounts were targeted and compromised.

The statement from Assistant Director of IT Security Stacy Draper said “many” students reported the scam emails to Public Safety and the IT Help Desk. She thanked students for “being vigilant in watching for those types of emails.”

Students have reported receiving emails with a subject line similar to “Security Scam Warning” that requests money transfers, Draper said.

USI Chief Information Officer Richard Toeniskoetter said his department began receiving notifications as early as the weekend. He said the types of emails that were sent are using extortion as a tactic.

“So what the hacker is doing is there’s a lot of stolen passwords that are bought and sold on the dark web,” he said. “Hackers are doing this and sending an email and that says I’m snooping on you and watching what you’re doing and here’s your password.”

He said hackers attempt to trick students into monitoring what they are doing.

“We don’t believe the hackers are monitoring anything, and they have not gained access to any systems,” Toeniskoetter said.

Toeniskoetter said the number of students affected was not very large and ranged from the 10’s to 20’s.

“This has been going on for months with our employees, even employees in my department have received these emails,” he said.

Toeniskoetter said IT looks for an indicator of the mail and tries to block certain keywords and phrasing to stay in front of the hackers.

He said they have traced just one email to the African country of Sudan.

“In the past to my recollection, it’s coming from Russia or some other country far away,” he said. “The main thing we are trying to do with the email is to raise awareness and not let students panic or spend money.”

Draper said, “the hacker may tell you they have your password or access to your account and have been monitoring your actions.”

It is unlikely that hackers are actually monitoring your activities, but the university recommends

you should immediately change your password if compromised.

Toeniskoetter said that the university has been spared from any breach this academic year. He told The Shield in Oct. 2017 hackers had breached an official IT Advisory,  retrieving an exact copy of the advisory and sending it back to campus emails asking for verification of a password. He said the university is cautious using the word “breach.”