Safety measures implemented by USF Information Technology (IT) to alleviate the effects of phishing scams have been successful. But an e-mail sent by the department a few weeks ago advises the University community to remain cautious of new threats.
The phishing scams, which are sent via e-mail, pose as a legitimate authority and say that some type of service – usually financial in nature – will end if a student fails to provide details including his/her NetID, password, full name, date of birth or financial information, said Alex Campoe, director of the Office of Information Security for IT.
“No bona fide service or entity would ever ask you for your password (through e-mail),” Campoe said.
The department constantly updates its spam filters, which block most scams from reaching students’ inboxes, Campoe said.
In August, IT instituted a 180-day password change policy requiring students to update their password every six months, according to it.usf.edu. Within 30 to 45 days of the deadline, students will receive an e-mail reminding them a change is needed.
About 90 to 95 percent of phishing scams are stopped before reaching students, Campoe said.
Despite the threat of scams, students may be less likely to fall for them because they are more computer savvy than previous generations, said Adam Malone, an FBI special agent who deals with cyber crime.
“Somebody that’s more up-to-date with technology, computer usage, the Internet, e-mail and how they work may be a little bit less vulnerable because they may be more suspicious of (scams),” he said.
Malone said there are two types of scams emerging.
“Smishing” is a phishing scam sent through text messages to cell phones in certain area codes. They seek similar information as the ones sent via e-mail, he said.
There is also “vishing,” which utilizes voice-over Internet Protocol calling. It directs people to call a 1-800 number and provide financial information such as bank account, credit card and PIN numbers to an automated messaging system that records the information for the scammers, Malone said.
Malone said there is never a circumstance in which students should disclose user IDs, passwords or any type of financial information to questionable sources.
It’s important for students to become educated on phishing scams, Malone said.
“If awareness increases, the amount of crimes are going to decrease,” he said.
If students mistakenly respond to a phishing e-mail, Campoe said they should immediately change their password, call the IT Help Desk at (813) 974-1222 or report an incident through security.usf.edu.