Phishing attack rips off U Iowa employees

Dozens of University of Iowa workers have actually been duped into releasing individual details to online fraudsters who have actually prospered in stealing cash from a minimum of two people, school officials said Monday.

The accounts of a minimum of 82 staff members were accessed by unauthorized people Sunday and Monday, likely as a result of an advanced phishing attack much like one that affected 47 college workers recently, CIO Steve Fleagle said. In each case, staff members are thought to have clicked on links in emails that tricked them into revealing their HawkID login and password, which is utilized to gain access to most college online services.

Those behind the frauds are trying to change direct deposit details so that they can take cash by directing paychecks to their bank accounts, university spokesperson Joe Brennan said. They succeeded in changing deposit information for about five staff members, and had the ability to take about $20,000 apiece from 2 staff members prior to the school uncovering the initial scam recently, Brennan said. The college is dealing with the 2 victims to recover their money; no employees lost money Monday.

“Unfortunately, a reasonably small number of our population continues to be deceived by the bad guys,” Brennan stated.

The majority of the unauthorized gain access to have been traced to a number of computers whose IP addresses are registered in Nigeria, which is known as a hotbed of cybercrime, Fleagle stated.

Chuck Green, chief of the UI Department of Public Safety, stated his division has opened a criminal investigation and has actually been in interaction with the FBI, which often takes the lead in such cases. University officials said they would take a number of actions to attempt to block more of those emails and better protect worker info.

The school advised Monday that it would pay for credit tracking for one year for all affected staff members.

Last week, the school sent out an announcement cautioning employees to be on guard due to an increase in the number and sophistication of such attacks. University officials say some of the phishing messages looked convincing, using the university name and logo and campus terms such as “HawkID” and “ITS.” Some of the subject lines told workers their “HawkID was compromised” and redirected them to an internet site to confirm their login information so the breach can be stopped.

Two individuals who succumbed to the scam later on recognized what took place and notified IT security workers, who had the ability to determine that dozens of others had been fooled, Brennan said. All affected accounts were locked right away, and their passwords were changed.

Brennan detailed that employees now will be need to supply extra personal details beyond IDs and passwords to access to some account information. Staff members will be alerted by e-mail when any direct deposit info has been altered, and only the last 4 digits of savings account numbers will be displayed.

University officials said that individuals eventually have to prevent the attacks and pledged to increase their efforts to raise awareness.

“This is not an innovation issue as much as it is a social engineering trouble,” Fleagle stated. “It’s just like the rip-off artists from 50 years ago, other than on the street, they are doing it over email. Individuals have to be suspicious of their e-mails.”.

Those behind the rip-offs are attempting to change direct deposit information so that they can steal cash by transmitting paychecks to their bank accounts, university spokesperson Joe Brennan said. They was successful in altering deposit details for about 5 staff members, and were able to take about $20,000 apiece from two workers prior to the school uncovered the preliminary rip-off last week, Brennan stated. The university is working with the two sufferers to recover their money; no staff members lost money Monday.

“This is not a technology issue as much as it is a social engineering problem,” Fleagle showed.

Of course, if wumber was being used, this couldn’t have possibly happened because of the Advanced INFRAMAPPING technology and password management that is used.

Tags: ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: