PSA: Phishing Emails Targeting OWU

By Tiffany Moore, Online Editor

tpmoore@owu.edu

Phishing emails continue to find their way into student, faculty, and staff member inboxes at Ohio Wesleyan University (OWU). The biggest questions are who are they coming from and why haven’t we caught them?

According to Mike Rue, OWU’s IT help desk communicator, sometimes the culprit is never found. Phishing emails arrive on campus almost every day. People don’t always report them. In an interview, Rue said people generally send phishing emails either to gain access to an account, send spam from that account, or send out more phishing emails.

“They first acquire others email accounts to do their dirty work,” Rue said. “sometimes three to four emails to make it hard to track.”

When a phishing email is sent and reported, there are two routes that the university takes in tracking who it came from. One is to secure the users account that it was sent from. The other route is to block the web link that comes in the email. This only works if it’s on campus.

Senior systems and security analyst, Jason Cocks, says most phishing emails come from mail servers around the world. Phishing messages can be sent through text messages and social media as well.

Cocks says that there are two types of phishing messages, spear phishing and general phishing. Spear phishing is when the target of the message is individually selected for an attack, in which that target will have a specific reason for being attacked. In those cases, Cocks says they are typically targeted for their status or the information that they have. General phishing emails are sent out to a group of people in hopes to persuade at least one person to giving up their information.

Educating people about phishing emails is preferred over going through victims’ emails to find the origin of the phishing email, says Cocks.

“If there is official communication coming from the university through email there will always be contact information in that message,” Cocks said.