“Watch this before Saturday.”

Many were perplexed by this message or a similar one in their student email inboxes. For some, the email appeared to come from a close friend. For others, the message appeared to come from a complete stranger.

William Dumire, vice president for Information Technology Services and chief information officer, identified the issue as a rogue source using an email link to collect personal information by imitating students.

“An email from an untrusted source is sent to potential victims using either a subject line that appears valid or by spoofing an email address of someone that the user knows,” Dumire said.

“Upon clicking the link, users are tricked into supplying their credentials and other personal information.”

The scam has been making its way across the internet and has already attacked multiple other universities. Waynesburg students who clicked on the link were locked out of their university user accounts and had to change their passwords as a result. Dumire says ITS reached out to all students impacted by the attack to fix the issue.

“To our knowledge, all impacted users have been assisted and their account access restored,” Dumire said. “(We did this) by working with Microsoft to investigate each account, educating the users about the issue, having them change their password and restoring access to their accounts.”

Junior accounting major Cory Love was among those targeted by the scam, but said he didn’t  click on the link.
“It was basically an email from some random name from Waynesburg, and it said something like ‘help me open this link’ with a green bar that says ‘open now’,” Love said. “I just deleted it because I wasn’t expecting an email from this random person.”

Email scams, often called “phishing scams,” are an attempt by cyber criminals to steal confidential information by sending an email posing as a legitimate source to gain access. These scams can lead to harmful malware infecting devices with the ultimate goal of holding victims’ information for ransom.

Dumire says one of the best ways to protect against scamming attacks is to proceed with caution when it comes to suspect links.

“Be wary of opening any email attachment,” he said. “Even when you know the sender, it’s entirely possible that their efforts to prevent attacks weren’t adequate and that a threat has infected their system.”

Love also said he discussed the scam with friends after he was targeted.

“At least five people (were attacked) in the room when I talked about it.”

Dumire said working together to protect private information is important to staying safe as a community.

“All Waynesburg faculty, staff and students have a shared, solemn responsibility to help protect our critical Information Resources,” Dumire said.

Along with spreading awareness of potential scam attacks, Dumire suggests a multitude of precautionary measures students should take to prevent scamming.

“Never click on any links asking for confidential personal information,” Dumire said. “You will never receive an email from Waynesburg ITS staff requesting your password. No other reputable organization should ever ask you for your password via email either. If you suspect your password has been compromised, change the password for all accounts associated with the compromised password immediately. Then contact our help desk. Use strong passwords for your accounts, and never share your passwords with anyone.”