Over 50 student emails compromised by hacking incidents
March 31, 2016
Recent months have seen many student emails compromised at increasing rates, with the most recent incident affecting 20 students. Most often, this occurs when unsuspecting students accidentally reveal their username and password to hackers, according to Chief Technology Officer Chris Weber.
Weber says he is concerned about the number of students who are accidentally revealing their information.
“Last semester we were aware of 24 compromised student accounts in total. This semester, we already know of 50–more than double last semester’s, and this semester is not over,” Weber said.
Students may wonder how they can protect their accounts and personal information from being compromised. Weber outlined many things students can do to keep their information safe. Students should look out for “phishing” emails, in which hackers disguise themselves as a trustworthy source in an effort to gain sensitive information.
“L&IT (Library & Information Technology) will never ask you for your password, and will generally not supply a link to a web page. Phishing emails, and legitimate emails, too, will frequently include a link to click on for some ostensibly good reason,” Weber said.
How can students spot phishing emails at a glance?
“Even on email that seems quite legitimate, you should always verify by hovering over the link with your cursor until the actual link address is shown. Never trust the address shown in the message,” Weber said.
Students are also advised not to give their usernames or passwords to any website that is not affiliated with the University.
“These sites may not be as protective of their registered users’ credentials as you might suppose, and a breach of one of these sites by the bad guys will provide them with your Bucknell username/password,” Weber said.
Finally, Weber cautions students not to share their password with any parent, family member, or friend.
“Not only is this practice specifically prohibited by L&IT’s Appropriate Use Policy, everyone else who knows your password is another person who could re-share your password, leave a logged-in session unprotected, or have your password written down somewhere where someone else could see it,” Weber said.
Students are encouraged to take a proactive stance in protecting their information and should remain on the lookout for any suspicious activity on their accounts.
“There isn’t any particular warning sign, but if you notice strange email, like returned messages you never sent, that’s a warning sign that something’s amiss, but that’s likely not the only indicator. Anything you notice that’s out-of-the-ordinary should cause you to want to find out if something is wrong,” Weber said.