Misleading messages: Spam & phishing emails affect students

Story by Isabela Salas/COMM 2311

Computer spam and phishing are far less appealing than the ready-to-eat spam and the nature filled adventure of fishing. The spam that is a technological threat does not just sit harmlessly in the pantry.

What is spam in the computer world?

Spam can be described as “junk email” according to Aaron French, IT Support Specialist for the School of Health Professions at Texas Tech University Health and Sciences Center.

The reason French says spam is such a threat is because it is not what it appears to be on the surface. “If you click on spam,” French says, “sometimes it will lead you to things that are malware or email that will try to separate you or your money or your information from yourself.”

And it doesn’t appear to be going away. An informal survey done by the Texan Mosaic administered to South Plains College students found 19 out of 35, or 56%, reported receiving spam emails every day. Seven of those 19 students said they receive spam multiple times a day. Fourteen students, or 40%, said they were offered a job.

And a fake job offer is not uncommon.  SPC Campus Security Analyst Olga Lozano says common job scams within spam include personal assistants, pet-sitting, bookkeeping, and issuing checks/check processing from home.” Lozano’s been at SPC for 10 years. Her work includes identifying and preventing weak points in IT security at SPC.

Misinformation in the form of fake jobs took advantage of second year SPC student Skylar Ramos.   She says job offers she perceived to be true flooded her email during her first semester at SPC. She even clicked on one but immediately exited. Another student, she says, later informed her she received an email for a pet-sitting job offering $550 a week from Ramos.

Ramos says she tried to fix her mistake but failed. “Knowing that was definitely a scam,

I hurried to try and log on to my account,” she says, “but it kept on saying my password was incorrect. I tried the option that says ‘forgot password’ to somehow reset my password, but it said ‘Your account is currently blocked from signing in-’ and to ‘Please contact an admin-.’”

If you are a victim of a scam, Lozano advises using a long list of things to resolve  possible resulting problems. The first item on the list is to change your password immediately. She also recommends using password managers which can securely create and remember passwords for you.

In addition to changing your password, Lozano suggests running a virus or malware scan. She says to report the scam. And, she says if you’ve given away financial, driver’s license, or social security information, you should contact the appropriate authorities immediately. SPC has a lot of information about cybersecurity on its website.  To find it, log into MySPC, go to Services & Information, then click on Cybersecurity.

Ramos says her bad experience was a “whole inconvenience.” And she is not the only student who has suffered from something like it.  Lozano says in 2020scammers fooled many students with phishing emails. IT Specialist French says, in a public setting or online, phishing can be described as seeking personal information.

“Most of the job scams will hire you without ever talking with you on the phone or meeting you and will require that you correspond with them through a personal email,” Lozano says.

Lozano offers one case, in particular, as an example of how bad the fraud can be. One SPC student, she says, was offered a pet-sitting job paying $35 an hour for two dogs in 2020. The following exchange of emails shows how the scam worked. The first message, on June 16, is the student asking the fake employer for more details about the pet sitting job offer. The fake employer then, offers a lot of information in return.

Next, the student reads the fake information from the sender and offers information of her own. The same day the fake employer “hires” the student, and even more information is exchanged.

The scammer asked for the student’s phone number and address. Lozano says: “They will then send an over-payment check so that you can deposit it and send the remainder of the money back to an address.”

 Lozano says these checks are often fake.  “No legitimate employer will send payment in advance and ask the ‘employee’ to send a portion of it back,” she says.

Phishing and scam attacks do not just affect SPC. They are problematic across the country. In fact, in a 2006 article headlined, “Spam kid slammed for $13 million” from the Newspaper Source Plus database, former Texas Attorney General and current Texas Governor Greg Abbott, says a U.S. college student led a massive spam email operation and was fined more than $13.5 million.

The article stated, “The emails tricked consumers into revealing personal information that was later sold to other companies despite assurances of privacy.”

Selling emails online can be a common occurrence. IT Support Specialist, French, says scammers will program a machine to send out emails. “They have a list of email addresses

they’ve harvested from somewhere else probably somewhere else on the internet that has been sold to them,” he says.

Of course, it can be difficult identifying what is a scam and what is real. French says many scamming messages will use an emotional appeal to get someone to use immediate action, usually in the subject line.

“If you ever get the newsletter from something,” French says, “you have no idea what it is, it says click here to unsubscribe, well it will pretty much guarantee you you’ve just signed up

for about 20 more, because it verifies that is an active email address and that somebody’s there actively checking it.”

Another piece of advice to help reduce the risk of being scammed: Always being on the lookout for anything misleading, no matter where messages come from. According to the SPC student survey, 40% of students said the spam emails they receive are from the school. Other students reported they are from businesses.

“With scam emails you’re gonna get people trying to impersonate someone else or some other business/companies,” French says.  Misleading elements could be the icons or the spellings sometimes, he says. Other times he says logos aren’t going to look “quite right” and the color’s going to be “a little bit off.”

When trying to avoid being scammed, Lozano says not to send private information at all even if it is requested. She says refraining from clicking on any links or pictures can limit being exposed to malware.  She advises everyone use strong passwords with a mixture of numbers, characters, and upper-case and lower-case letters.

Other advice to do with creating answers to security questions. “The single best practice,” Lozano says, “is to pick an answer that has no relationship to the question but you will be able to remember.”

At the most gullible moment, remembering this advice can prevent being hooked into rotten spam. And no, we have not been talking about the ready-to-eat kind that comes in a can.

In the end, Lozano has some final words of warning: “Most importantly, never provide any personal information to someone you do not know!”

Leave a Reply

Powered by WordPress.com.

%d bloggers like this: