Phishing for information

Valparaiso University has recently seen an increase in students receiving suspicious emails thought to be attempts to commit identity fraud.

These emails, known as “phishing scams,” can wreak havoc if a person gives their information away to the sender. Becky Klein, manager of the IT Department, and Brandon Morrison, manager of the IT Help Desk, explained more about phishing scams.

“A phishing scam is when people steal your information to commit fraud,” Klein said. “It’s usually of the financial information.”

This can have a lot of consequences for students at Valpo. Basically, if someone steals your information, they are able to steal your identity and impersonate you online.

“It’s a type of social engineering attack,” Morrison said. “It tries to steal information through the people without someone knowing. Say if you were to answer an email that asked you what your favorite pet’s name was. If you answered, they would receive your information.”

Senior Justin Givens has received some of these emails, but has always been cautious about handing out his information.

“If you have all your passwords taken by somebody else, your whole VU life is pretty much ruined,” Givens said.

When asked about a general profile for the hackers, Klein gave an interesting delivery.

“They [hackers] are never in Valpo. They always come from the outside. Cyber crime can bring in a lot of money. These people can be anyone from a kid living in his parents’ basement to a big-time IT person who turned to the Dark Side,” Klein said.

“About 60 percent of email is phishing scams that are sent out globally,” Morrison said. “According to Google, Gmail filters 99.9 percent of spam. This is usually an organized crime and people rarely act alone.”

With that being said, there are some specific signs to look for in order to distinguish a legitimate email from one associated with a phishing scam.

“It’s hard to detect because the scammers are always a step ahead of the protective measures,” Klein said. “These hackers use logos to make it seem legitimate. However, some signs are that these emails contain bad spelling, grammar, weird capitalization and punctuation errors. These emails can range from being babysitting requests to email storage issues. Which, by the way, doesn’t exist since Gmail has unlimited space.”

If you have fallen for a scam, there are a few steps you can take to secure your information.

“The first thing you should do is immediately change your password using the IT website,” Klein said. “Then you should call the Help Desk and let them take you from there.”

“We’ll give you a list of things you should check to see if anyone tampered with it for fraud prevention,” Morrison said. “After that, forward the email to us. Once we have five identical reports detailing the same incident, Becky will send a campus-wide email out to alert everyone.”

When asked about tips for preventing phishing, both IT managers had some advice to give.

“Be suspicious,” Klein said. “Don’t trust an email, and be careful of what you click. Always be safe [rather] than sorry.”  

“October is CyberSecurity Awareness Month,” Morrison said. “There will be many events held throughout the month that are generally well-received. We also have a YouTube channel with many YouTube videos to help educate yourselves. But ultimately, the best way to fight phishing is to educate yourselves and those around you.”


Cyber Security Month phishes for solutions

October is Cyber Security Month and NC State plans to engage students, helping them learn about the threats they face online.

The month’s highlight event is on Oct. 22, when the FBI Cybersquad will come in to talk to students in Stewart Theatre.

“We are working with the FBI cybercrime division here in Raleigh, who are coming to talk to students who may want to work with them or are interested in cybersecurity,” said Leo Howell, the assistant director of security and compliance at NC State.

Howell says that the main security threat facing students today is phishing, which is using technology to pretend to be a legitimate company in order to gain information such as credit card numbers or account login information.

“One of the major issues we have is phishing,” Howell said. “Students click on a link, and if they aren’t careful they can send their username and password to someone.  That’s the biggest issue we have right now [on campus].”

For Cyber Security Month, NC State hopes to hold events that will teach students about how to be more careful when they are clicking on online posts, including the Make it Your Mission to Stop Phishing Fair and events on securing Android and iOS devices.

Cybersecurity isn’t just a campus-wide issue; it is a nationwide issue as well. On both scales, we face a much more major risk than phishing, known as industrial espionage. Industrial espionage is where a hacker tries to steal data or bring down an industry through the means of hacking.

“In general, cybersecurity isn’t what it used to be, hackers were usually trying to get something they can convert to cash, like a credit card number,” Howell said.  “What is trending up now is industrial espionage, a lot of what we do here is create new technologies and this is the biggest risk we face now.”

Cyber Security Month will be a time to get students to use Google’s two-step verification system, which helps protect students in the situation

Two-step verification allows students to not be compromised if someone does get a hold of their username and password. After logging in, the student will be required to add another form of authentication before actually being let on to their account.

Howell hopes that Cyber Security Month will be a fun time for students and hopes that it can teach students, faculty and staff how to be safe and cautious when they are on the internet.

“Cyber Security Month we want to make a fun event on campus, where students, faculty and staff can come and have a good time, basically learning how to perform online at home,” Howell said.


Apple Users Targeted with iCloud Phishing Scam

Lately, Apple users, including celebrities, have been targeted by cybercriminals with malware and phishing scams. This phishing scam is also after iCloud accounts.

Recently, IT security researcher Mehrdad noticed Apple users reporting that they couldn’t access their iCloud accounts. He then did some social engineering but didn’t find anything until one of his clients mentioned that they had received an email from Apple several days ago. It claimed that their iCloud account had been blocked and asked them to click on a link in the email.

At first glance the email seemed legitimate, but after tracing the email’s headers he discovered two things:

1. The email wasn’t sent from Apple.

2. The link in the email body doesn’t belong to the official iCloud website and redirects somewhere else.

Screenshot from the email sent by cyber criminals

➢ Sender:

➢ URL: www (dot) cityjoinery (dot)com/iCloud

Chrome already detected the site hosting the phishing scam

This is an old trick which you may already know as “phishing,” but even today it’s a growing threat and one of the most successful ways to steal someone’s data. Here is another email that Mehrdad found, encouraging users to confirm that they had made a purchase from Apple.

➢ URL:

At the time of publishing, the phishing scam on the above-mentioned link had been removed; however, here is a preview of the phishing email.



Technical details:

When an SMTP email is sent, the initial connection provides two pieces of address information:

* MAIL FROM – generally presented to the recipient as the Return-path: header but not normally visible to the end user, and by default, no checks are done that the sending system is authorized to send on behalf of that address.

* RCPT TO – specifies which email address the email is delivered to, is not normally visible to the end user but may be present in the headers as part of the “Received:” header.

Together these are sometimes referred to as the “envelope” addressing, an analogy based on the traditional paper envelope, and unless the receiving mail server signals that it has problems with either of these items, the sending system sends the “DATA” command, and typically sends several header items, including:

* From: Joe Q Doe <> – the address that is visible to the recipient; but again, by default no checks are done that the sending system is authorized to send on behalf of that address.

* Reply-to: Jane Roe <> – similarly not checked

and sometimes:

* Sender: Jin Jo <> – also not checked

The result is that the email recipient sees the email as having come from the address in the From: header; they may sometimes be able to find the MAIL FROM address; and if they reply to the email it will go to either the address presented in the From: or Reply-to: header – but none of these addresses are typically reliable, so automated bounce messages may generate backscatter.
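The address fields described above can be compared programmatically. The following is an added example, not code from the original article: it parses a constructed message (all addresses and hosts are made-up, reserved example domains) and reports where the Return-Path, Reply-To and Sender domains differ from the visible From: domain.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every address uses a reserved example domain.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [192.0.2.10])
\tby mx.example.edu with ESMTP id abc123
\tfor <student@example.edu>; Mon, 01 Oct 2018 10:00:00 +0000
From: "Apple Support" <support@apple.example>
Reply-To: "Apple Support" <recover@webmail.example.org>
To: student@example.edu
Subject: Your iCloud account has been blocked

Click the link to restore access.
"""


def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or None."""
    _, addr = parseaddr(header_value or "")
    if "@" not in addr:
        return None  # missing header or empty address such as "<>"
    return addr.rsplit("@", 1)[1].lower()


def address_report(raw):
    """Compare the envelope sender and reply headers with the visible From:."""
    msg = message_from_string(raw)
    domains = {
        "envelope_from": domain_of(msg.get("Return-Path")),  # SMTP MAIL FROM
        "from": domain_of(msg.get("From")),
        "reply_to": domain_of(msg.get("Reply-To")),
        "sender": domain_of(msg.get("Sender")),
    }
    visible = domains["from"]
    findings = [] if visible else ["no usable From: address"]
    for field in ("envelope_from", "reply_to", "sender"):
        other = domains[field]
        if visible and other and other != visible:
            findings.append(f"{field} domain {other} differs from From: domain {visible}")
    return domains, findings


if __name__ == "__main__":
    for line in address_report(RAW)[1]:
        print(line)
```

A mismatch is a signal for closer review rather than proof of spoofing, since mailing lists and bulk-mail services legitimately use different envelope senders. Matching domains prove nothing either, because none of these fields is verified by default.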

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim. Communications purporting to be from popular social websites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Phishing is an example of social engineering techniques used to deceive users and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. Many websites have now created secondary tools for applications, like maps for games, but they should be clearly marked as to who wrote them, and users should not use the same passwords anywhere on the internet.

Phishing is a continual threat, and the risk is even larger in social media such as Facebook, Twitter, and Google+. Hackers could create a clone of a website and tell you to enter personal information, which is then emailed to them. Hackers commonly take advantage of these sites to attack people using them at their workplace, homes, or in public in order to take personal and security information that can affect the user or company (if in a workplace environment). Phishing takes advantage of the trust that the user may have since the user may not be able to tell that the site being visited, or program being used, is not real; therefore, when this occurs, the hacker has the chance to gain the personal information of the targeted user, such as passwords, usernames, security codes, and credit card numbers, among other things.

➢ Train people

➢ Use Anti-phishing software

➢ Browsers alerting users to fraudulent websites (like Firefox and Chrome)

Eliminating phishing email:

Specialized spam filters can reduce the number of phishing emails that reach their addressees’ inboxes, or provide post-delivery remediation, analyzing and removing spear phishing attacks upon delivery through email provider-level integration. These approaches rely on machine learning and natural language processing techniques to classify phishing emails. Email address authentication is another new approach.

Report the scam to anti-phishing teams:

Phishing can be reported to both volunteer and industry groups, such as Cyscon or PhishTank.


Legal response:

In the United States, cyber criminals who create a fake website to defraud consumers can be sent to prison for five years and pay a fine of $250,000.

Identify legitimate websites:

• Which site (exact URL)?

• Use SSL?

• Who is the authority?
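The first two checklist questions can be answered mechanically for any link in an email. This is an added example, not part of the original article; the URLs are constructed, `icloud.com` is assumed to be the domain the email claims to come from, and the third question (who issued the site's certificate) needs a live TLS connection and is not covered.

```python
from urllib.parse import urlsplit


def check_link(url, expected_domain):
    """Report which host a link really points to, whether it uses HTTPS,
    and whether that host belongs to the domain the email claims."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower().rstrip(".")
    expected = expected_domain.lower()
    result = {
        "host": host,
        "https": parts.scheme == "https",
        # Exact match or a true subdomain; containing the brand name
        # somewhere in the host or path is not enough.
        "belongs_to_expected": host == expected or host.endswith("." + expected),
        # Anything before '@' is userinfo, not the host, and can mislead the eye.
        "has_userinfo": parts.username is not None,
    }
    trusted = (result["https"] and result["belongs_to_expected"]
               and not result["has_userinfo"])
    result["verdict"] = "ok" if trusted else "suspicious"
    return result


# Constructed sample links (reserved example domains except the expected one).
SAMPLES = [
    "https://www.icloud.com/",                    # genuine subdomain
    "http://www.shop.example/iCloud",             # brand name only in the path
    "https://icloud.com.login.example.net/",      # brand used as a subdomain label
    "https://www.icloud.com@login.example.net/",  # brand placed in userinfo
]

if __name__ == "__main__":
    for sample in SAMPLES:
        report = check_link(sample, "icloud.com")
        print(f'{report["verdict"]:10} {report["host"]:30} {sample}')
```

HTTPS on its own only shows that the connection is encrypted; a fraudulent site can also have a valid certificate, which is why the host check carries the most weight here.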