Press "Enter" to skip to content
Information technology had to work with phishing emails last Tuesday. Photo by Mark Krupinski.

Phishing emails pervade inboxes this week

By Matthew Cunningham on February 8, 2019

Early on Tuesday morning, a series of phishing emails were received by members of the Stevens community. These emails intended to deceive Stevens community members in order to collect usernames and passwords of the people who fell for the trick.

As the Federal Trade Commission explains, “phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords. Scammers use your information to steal your money or your identity or both.”

In one email sent out by a student who had her email hacked — with the subject line as “Re: RE: Meet the Candidates for the Wellness Educator and Asst Dean/Director of Student Life positions!!!” — only one button is included in the email, which asks the recipient to “Display trusted message.” If someone clicks the button, then the login credentials for that person would potentially be compromised.

Alexander Wiederock, one such student who received a phishing email, saw that he had received an email from a fellow student, a student who he knew and trusted. “In this email, it had this blue button. I clicked it, it opened up my web browser, and it immediately said web page blocked.” When he tried to access Wifi on campus the next day, he couldn’t. “It happened to a bunch of people, that’s what IT people told me when I went. I just had to run a virus scan, and then they enabled my account.”

Darren Yezo, Director of Information Security and Operational Resiliency, sent an email to the entire Stevens community late on Tuesday.  “We wanted to alert you to a series of phishing emails that were received today by members of the Stevens community,” he wrote. “These emails contained malicious links and, once clicked, would attempt to harvest the user name and password of the person who clicked the link.”

Yezo advised members of the Stevens community to not click the buttons. “If you have received and already clicked the button or web link, you must change your password immediately,” he wrote.

Members of the Stevens community who receive phishing emails should report them to phishing@stevens.edu.

Published in News

Matthew Cunningham
Matthew Cunningham

Matthew Cunningham is majoring in Science and Technology Studies at Stevens. In the past four years, Matthew has reported over 150 articles on metro, university, and campus news; science features and commentary; opinion; and arts and culture features. During his time at the Stute, Matthew has served as a columnist, webmaster, managing editor, and editor-in-chief.

More posts from Matthew Cunningham

Be First to Comment

Leave a Reply