OIT issues 10 phishing alerts in past week

In the past two weeks, many University students have reported through residential college listservs and to the Office of Information Technology about having received phishing emails attempting to steal recipients’ sensitive information, such as their NetID and passwords. This has led OIT to issue 10 alerts regarding different phishing attempts in the past week, according to the OIT website.

All of the emails tagged in the alerts provide links to outside forms where users are prompted to enter personal information. Once the attackers have access to the information, they can also use the stolen email account to propagate more phishing attempts, according to information issued by OIT.

The emails were sent from a variety of addresses, including some with .edu tags and others from government administrations. The emails also vary in nature, ranging from ones claiming the user’s email capacity had been exceeded to warnings that the user’s email is about to expire.

Most of the phishing attempts also were designed to mimic University IT and help desk emails. One such email contained the subject title “Technology Update,” and asked students to re-validate their campus login and email by inputting their current password. Other emails requested users to update their Microsoft Outlook and Office clients.

One other email, with the title “IRS Special Notice,” had asked for recipients’ Social Security number and their IP PIN number. The email also stated that there has been suspicious activity detected that pertains to the recipient, and that the recipient will be given a new SSN.

In response to student concerns, OIT also issued a separate alert, asserting that one of the emails sent by OIT informing students about an upcoming internet update was not, in fact, another phishing attempt.

A representative from OIT did not respond to a request for comment as of press time.

Assistant Vice President for Communications Daniel Day stated that, “OIT is aware of these phishing attempts, which arrive in a steady stream over the course of each year, and the University takes them seriously.”

Day noted that the Office of Communications is currently unable to comment on the number of students affected by the attacks or their origin.

The University has experienced similar events in the past. In March 2012, approximately 1,000 to 2,000 phishing emails were sent from a University WebMail account asking students to confirm their NetID and passwords. The students were redirected to a fraudulent version of the University website, which included a URL and graphics that mimicked those used by Princeton. After investigation, it was discovered that the 2012 attack was conducted by a Brazilian phishing domain.

The OIT website advises students who receive suspicious emails to avoid responding with personal information or clicking on links and attachments. Any student that believes they have received a phishing email should immediately report it the OIT Help Desk at helpdesk@princeton.edu or by calling 8-HELP.