On Tuesday March 24, the Office of Information Technology sent out a global e-mail to all University of Tampa accounts warning everyone about a phishing scam and stating that the university’s IT department will ‘never send an e-mail requesting your username and password.’
Phishing scams are e-mails that are designed to trick people into replying with their username and password.
The scam than can use the information for identity theft or to send spam e-mails using the hacked address.
At least one UT e-mail account holder was fooled by the latest phishing scam.
Director of Instructional Technology, Stephen Magriby, urged account holders to be vigilant and report all suspected phishing e-mails to spam@ut.edu.
Once the phishing e-mail has the information, it uses the hacked UT account to send out thousands of spam e-mails.
The problem for UT’s IT department is that other users from companies like Hotmail, Yahoo, and Comcast than report ut.edu accounts as spam. Then UT e-mail accounts are blacklisted and IT the department has to try and get them un-blacklisted.
Magriby said the quicker the IT department learns about a phishing scam, the more effective they can be at combating it.
‘If no one ever responds, than sooner or later it will stop,’ he said about the phishing scams.
Since July 2008 Magriby estimated three dozen UT e-mail accounts have replied to phishing scams.
While staff and faculty seem to report most of the scams, he suspects some students are too embarrassed to report being tricked and just try to get new accounts.
Magriby said that universities in general tend to be targeted by phishing scams because they have more relaxed controls on e-mails than commercial accounts because of academic freedom.
Most of the phishing scams that have targeted UT e-mail accounts have come from countries like Holland and Russia.
Part of the reason for the new password requirements for UT e-mail accounts is to try and combat phishing scams.
Cristobal Gomez can be reached at ceiroa.gomez@ut.edu
“