CSUN’s Information Technology (IT) Technical Services are warning students and staff to be aware of viral messages that may appear in their CSUN email accounts.
Early this semester several faculty and staff members complained of receiving suspicious emails urging them to update their email accounts. The message directed them to a link where they could input their personal information like their passwords and username.
IT Technical Services posted an urgent message on their website warning students and faculty to “never share [their] CSUN password or other confidential information by email”.
Chris Olsen, senior director of infrastructure services at IT Technical Services, said the number of spam emails that get sent out to faculty and student account varies depending on how realistic it looks and the number of responses it generates.
“These annoying emails come from multiple sources and are dangerous because [if] one of our CSUN students, faculty or staff responds to one of these messages and provides their password the spammer then uses the compromised CSUN email address and password to send emails to others,” Olsen said. “And, sadly, the cycle continues.”
English professor Susanne Collier says she opened her email account early Friday morning to find 13 spam messages waiting to be clicked. Collier said she still consecutively receives the same messages.
By clicking the link, the user will be sent to a malicious website where they will be asked for private information or be embedded with a harmful virus.
If this happens, Olsen said the best thing to do is quickly change your password and security questions by visiting https://www.csun.edu/account. Olsen also recommends you to forward all spam related emails to abuse@csun.edu.
Though CSUN uses multiple anti-spam systems to help reduce the amount of spam deliveries, spam emails cannot be erased altogether. However, CSUN does successfully block 90 percent of those messages.
“Their legitimate appearance makes them extremely difficult to block,” Olsen said.
The best way to reduce spam messages is to stop responding to them and to pay attention to the subtle characteristics of a fraudulent email, according to Olsen.
If the email asks for private information, has a suspicious web address, originates from an unknown sender or are generically addressed “dear CSUN customer” its very likely fake.
Olsen also said that the campus provides online Information Security Awareness training to all faculty and staff.
“The bottom line is to never share your password with anyone ever,” said Olsen. “Follow that simple rule and it won’t matter how convincing a given spam message looks.”