New security measures include upgraded filtering software, incorporating two-factor authentication
In the past month, multiple posts have been made by students on the UTD subreddit about scam emails offering prestigious job opportunities and linking to suspicious websites. University officials said that the messages were linked to compromised university emails, and a new filtering software that has been in the works since December was recently put in place to help further prevent issues like this.
Chief Information Security Officer Nate Howe said that around 85% of scam emails were filtered using the now-outdated filtering software Cisco Email Security, and the 15% that weren’t filtered can contain scams from compromised email accounts belonging to professors, faculty or students.
“It comes from an internal location and you automatically trust it, like if it’s from a professor or student, and those are valuable accounts,” Howe said.
The UTD Information Security Office implemented a new email filtering system, Microsoft Office 365’s Exchange Online Protection on July 19. Howe said the office is also looking to incorporate two-factor authentication through the Duo app into many of UTD’s most-used programs including Box.com, Galaxy and PeopleSoft by the end of the calendar year.
“But it’s not going to be 100%, I don’t think we’ll get to a day where not one message of a scam origin got to an inbox. I have a personal Gmail account and I still get some junk in that,” Howe said. “I still need to give some thought of ‘Why am I getting this? Is this real? Should I click on this?’ and if Google and Microsoft and the big players can’t stop 100% of it, I’m not expecting that UTD can also stop 100% of it, so part of it falls on the user.”
Howe said multiple things can happen if people click on the link such as malware installation or prompting the victim to enter personal information onto a website that looks UTD-based. Stephenie Edwards, information and outreach manager at the Information Security Office added that scammers will often ask for victims to buy iTunes gift cards to send to the scammer or send in personal information such as their social security number or credit card number. She said that scammers often use psychological tactics to generate an emotional reaction from a person and cause them to act quickly.
“If emails trigger an emotional reaction, you need to step back. This sounds silly, but even if you explain it to your dog, just verbalize it, just the act of explaining something to someone it really just starts to make you say, ‘That is weird,’” Edwards said.
The Duo app provides a six-digit code which, in addition to the NetID and password, would give the student access to their information and accounts. The two-factor authentication software prevents attackers from using a stolen password and NetID to gain access to students’ accounts by asking for a login confirmation from another source, much like how Google or Apple alerts a user of a login from another source and asks to confirm it.
Edwards said the two-factor authentication could help prevent scammers from obtaining UTD emails.
“If someone has a stolen password but they don’t have your phone that’s linked to it, they’re not going to be using that account and they’re not going to be emailing from inside to inside anymore. They won’t be able to log in as the victim because (the victim is) linked to two-factor and the attacker doesn’t have the other factor, the phone, so they (don’t) have the Duo code.”
Students are at most risk when they’re checking their email in a hurry and click links or follow instructions to get rid of it and move on, Howe said. He added that he encourages students to forward the scam emails to the Information Security Office so the staff can research the type of scam and inform students on what to do next.
“Prevention-wise, people would help themselves to be more analytical and slow down a bit when they’re trying to get through their email. Email isn’t fun, and not my favorite way to spend time but if go too quickly or if I accept pressure that’s being put on me through email, that’s the time I need to be most willing to just stop and ask,” Howe said. “Ask someone. Ask firstname.lastname@example.org, or if you prefer to ask Reddit, if you prefer to ask a roommate, but what I have seen is… everywhere you look, there’s so many people who want to help when asked.”
To prevent from being vulnerable to attackers, Howe said people should consistently update their devices. If victims click on the link or share their information, they should immediately change their password while they wait for help from the appropriate department. Edwards said students are starting to come forward about scams to the police, and that it’s important that students contact the Information Security Office or the help desk if their have doubts about an email, or the police if they feel their physical safety is being threatened.
“It’s very easy to send an email, and there are people motivated by money and other strange reasons and we need to do the part we can do to shut down those opportunities. Be a bit skeptical. Ask for help. You’ve got departments around you that love to provide that education and support, but they need to be engaged and know what’s going on,” Edwards said. “The best way to combat it is to remember that we’re all part of a community, we’re all there to help each other.”