- University Life
Spam and Phishing continue to grow quickly, occupying nearly 90 percent of all e-mail messages received. Spam is unwanted advertisements, cluttering our inboxes. Phishing is more malicious, as it is a technique cyber criminals use to gain your trust by sending an official-sounding e-mail message or phone message, posing as a legitimate organization, like American University, a bank, or government agency. The goal of the Phisher is to inspire you to click on a link so your computer will become infected or to get you to provide your password, banking information, or personally identifiable number (PIN).
In May of 2010, a web site was created to look nearly identical to our mail.american.edu website. An e-mail was sent from a cyber criminal telling customers they needed to change their e-mail password, which included the link to the falsified mail web page. Nearly 40 people followed the link and put in their credentials.
Our most recent large attack occurred in March of 2011. In this instance, 1,000 people received an e-mail purporting to be from "American University Wachington DC". Unfortunately, just over 10% of the AU students, faculty, and staff who received that e-mail actually clicked on the link and provided their credentials. In several cases, the credentials were reused by the cyber criminal in an attempt to access sensitive data.
Fortunately the Office of Information Technology staff used their detective and protective measures to prevent further damage to the user and to University resources; however, Phishing and Spam are global issues and human issues that require each individual to Stop.Think.Click™