While the season for spooking is almost upon us, I don’t mean to scare you when I say we’re under attack, but that’s also not an exaggeration. Attacks are on the rise, specifically in Higher Education, where “The average number of weekly attacks per organization in the academic sector in July-August increased by 30% from 468 to 608 when compared to the previous two months. The general increase when you consider all sectors in the USA is only 6.5%.” [Source: Check Point Blog]
Consider the current ransomware threat, which usually starts with a successful phishing attempt and tricks the individual into downloading and installing a small piece of software that the attacker can Command & Control (C2) from afar. Once installed, the attacker can begin exploring the person’s computer, stealing data of value before encrypting it all and asking the person for ransom. It’s a scary attack included in most of the incidents seen this year.
On October 8th, we received over 100 inbound emails from various “@gmail.com” addresses that contained malicious attachments with names like “Notebook.docx” or simply “Documents.docx”. These were sent from addresses like “[email protected]” and “[email protected]”. While we continue to investigate the specific payload, here are some good tips for detecting these things before it’s too late:
- Don’t open attachments or click on links sent from unknown sources. Ever.
- Investigate the sender’s email address…OIT will always email you from “@williams.edu”, not “@gmail.com”
- Report all suspicious emails you receive to [email protected]
Remember, the bad guys usually try to create a sense of urgency. They believe that a flustered human is a human that will make mistakes, panic, and/or give up a password or pay a ransom. Slow down, think it through, and follow your own “Spidey sense” or gut instinct.
Hourly Employment Scam
Even closer to home, we have heard of Williams students receiving unsolicited offers for employment. They might look something like this:
A professor shared me a link for students who might be interested in a PAID PART TIME JOB POSITION to make up to USD 300 weekly,
Email for More info – [email protected]
NOTE: This is strictly a Work From Home Position
Remember to send the email from your private email and not school email.
The last line should be a dead give-away, but in case you receive a message like this, via email, text or on social media, it’s a scam. Our neighbors at BCC offered some insight into what happens when someone falls victim to this scam and emails the fraudster. In an apparent check kiting effort, the attackers offer to send a first salary check to the student that includes additional funds for them to transfer to a charity.
Regardless of the motivation or how enticing the offer may be, never provide your bank account information to unknown parties. It’s best to simply ignore these messages and not interact with the sender at all. At the very least, any interaction informs the attacker that they have a real live person’s attention, and they will try their best to exploit that.
Nobody knows if this new level of interest in America’s education system will continue to attract attackers after the pandemic has cooled down, but at least for the foreseeable future we ask you all to be extra cautious and alert when dealing with unusual emails, texts or posts.
#BeCyberSmart and we can all do our part to defend Williams!