Members of the Grand Valley State University community are on alert following a campus-wide phishing probe attempted by an unknown party to obtain individuals’ personal information.
On Aug. 29 a phishing email titled “Student Refund Notification” was sent to students. Following the phishing attempt, GVSU’s Office of the Vice President for Information Technology (IT) later sent an email following up on the situation.
GVSU’s IT Services blocked the link when on campus or using GVSU-provided equipment. They are working with the domain registrar that is hosting this fraudulent website to get it taken offline. If students did click the link, the email advised that they change their password immediately and sign in to myBanner to verify their direct deposit information.
In recent years, phishing incidents like the recent probe at GVSU, as well as those affected, have increased exponentially. According to the Federal Bureau of Investigation’s 2021 Internet Crime Report, there were 25,344 reported victims of phishing in 2017. In 2021, the number of phishing victims increased to 323,972, making phishing the most common cybercrime.
As part of this tactic, attackers utilize phishing emails to trick users into giving up money, credentials, personal information and data. Attackers can distribute malicious links in these emails that can perform a variety of functions.
As the recent incident revealed, GVSU is no exception when it comes to the proliferation of this deceptive cybercrime.
“I expect this will increase at GVSU as well in the years to come,” said Chief Information Security Officer Luke DeMott. “The information security team at GVSU is exploring additional options to protect students, faculty and staff. This is not a simple problem to solve and no company or institution is exempt from these types of scams.”
GVSU Security has many algorithms and services in place meant to block phishing emails before it reaches student inboxes. When any phishing emails are reported, the link is blocked from all on-campus resources. If there was an incident involving financial loss, the IT Security team will work with the GVSU Legal Department and the Grand Valley Police Department.
To combat the growing concern, GVSU has created a list of indicators to watch out for in phishing emails.
If the header of the email sounds too good to be true, GVSU’s Cyber Safety webpage explains, it likely is. For example, the subject line used in the recent incident, “Student Refund Notification,” may sound exciting or interesting and is relevant to students.
If the email requires you to act fast or is a limited time offer, GVSU experts indicate that it is best to ignore it.
One of the common indicators in a phishing email, DeMott said, is the sense of urgency.
“One of the manipulation techniques used by these bad actors is to try to make you believe you have to act immediately,” DeMott said. “Any message prompting immediate action should be viewed with caution.”
Further, the Cyber Safety webpage details, hyperlinks may look different in the email than it does when hovering over the link with one’s device. The difference could be one letter, so it is important to pay attention. Even miniscule differences can indicate a phishing email.
If there is an attachment in the email that looks suspicious or unexpected, the webpage explains, don’t open it. Among other potential threats, it could lead to payloads like ransomware being installed on one’s device. Ransomware then blocks one’s access to their information until they pay a ransom.
Lastly, if an email looks suspicious, GVSU has created pathways for community members to report it before any potential damage can be done.
If students receive a suspicious email, they can report it by forwarding the email to [email protected] or by opening a ticket at services.gvsu.edu.