In an effort to avoid future scams via e-mail, administrators are educating students on the most common scamming models that may affect them after experiencing issues with the SUNY New Paltz e-mail service in which their personal information was asked for.
Paul Chauvet, UNIX & Linux Systems Administrator from Computer Services said students can avoid phishing scams, whether they be from the college or any other business or institution, by doing the following:
- Not relying only on the ‘from’ address as an indicator of where the message came from.
- Not responding to any e-mails with personal information (social security numbers, financial information, passwords, etc.). This includes clicking links in e-mails which bring you to pages which ask for such information.
- Calling the institution if there is any doubt about an e-mail. For example, Chauvet said if students are dealing with a bank, contacting them through the phone number on your bank statement and not any number provided in the e-mail.
“The most common tactic of these phishing scams is to scare people,” said Chauvet. “They say that if you don’t do what they say, which usually entails responding with your username and password or going to a link and providing that, then something bad will happen.”
According to the Computer Services website, the only time a student or faculty member will be asked for information is when they appear not to be employed by the college anymore. In this scenario, a notice will be sent out letting the recipient know that their accounts will be closed. If it wrongly occurs, the student will have to name a class they are enrolled in and faculty will have to name their supervisor. No personal account information should be exchanged.
“Usually the threat is that if you don’t [provide the information] your account will be closed,” Chauvet said. “Some of these messages try to appear very official.”
If students encounter a fraudulent e-mail attempting to gain their information, they are encouraged to e-mail firstname.lastname@example.org to have the potential scam looked at.