An investigation into 71 possibly compromised student account credentials, some subject to phishing attacks, started Nov. 26 after reports on the accounts were made.
The Information Security Office sent an email Monday afternoon alerting students of the possibly compromised accounts. The email encouraged students to forward possible spam or phishing schemes to firstname.lastname@example.org and visit www.uta.edu/password to change an account password.
Emails on university accounts that seem innocent on the surface could actually be sent from scammers phishing for private forms of ID, the Office of Information Technology warns.
The university took immediate action in the ongoing investigation, including contacting the affected students, temporarily freezing the accounts and assisting them in safeguarding their account information, university spokesperson Joe Carpenter said in an email. It also included implementing additional precautionary measures on all student accounts.
Many of the affected accounts that were subject to phishing appeared to have occurred over a prolonged period of time, Carpenter said. Account users were directed to contact the Office of Information Technology Help Desk to have access reestablished.
In a seven-day span this semester, 475 malware threats were blocked from the UTA email system, 26,208 phishing messages were detected and 1,039 messages were reported by users, according to a previous Shorthorn article.
“Phishing attacks are a frequent occurrence, in some cases every day, and are a fact of the information systems environment in 2019,” Carpenter said.
The university has spent over $4 million in security updates over the last couple of years to combat a variety of malware, blacklisted scam accounts and more, according to a previous Shorthorn article. But phishing scams have become some of the hardest to prevent on a technical level.
According to the FBI’s Internet Crime Complaint Center, people lost about $30 million to phishing schemes in 2017.
The Information Security Office email advised students, faculty and staff to act proactively in regards to their personal information security. This includes closely monitoring university and personal accounts for any unusual or unauthorized activity and regularly resetting passwords to financial accounts and personal email accounts.
“This incident and the message released today should help reinforce that information security is a shared responsibility,” Carpenter said. “Users are an important first line of defense in the protection of personal and sensitive information.”