College marks a time of independence for an individual. For the first time in many people’s lives, they are thrust into the world, where they are required to care of and make decisions for themselves. Although this level of independence is a large milestone in one’s life, many people would like to take advantage of a student’s inexperience for their own financial gain. In other words, there is no shortage of scams, particularly phishing scams, targeting college students.
According to Incapsula, a phishing scam is a technique used by scammers to lure individuals into providing personal information, such as login credentials or bank card numbers. This is done by the scammer masquerading as a trusted source. Typically, these scams are sent via a text message, instant message or email that includes a malicious link. The scammer then uses the information to steal funds, make unauthorized purchases or commit identity theft.
Willamette students have recently been targeted by scams. One notable incident occurred in 2017 when fake emails that appear to be from University President Stephen Thorsett were sent to WU community members, according to former WITS Help Desk Manager Mathew Wolpa. The emails were sent by someone outside the WU community using spoofed information. Another incident occurred in 2016 when emails were sent to WU community members stating their WU account needed to be upgraded, otherwise their account would be deleted.
Phishing scams can also come in other forms. According to MoneyTalksNews, other common scams directed toward students are tuition scams. With tution scams, a scammer posing as a school administrator will call the student stating they are late paying tuition and will be dropped from classes if they don’t pay immediately over the phone.
Professor of Computer Science K. Fritz Ruehr said spear phishing is a more sophisticated form of phishing that is harder to detect. Ruehr said that that one WU student once worked at a computer security company, where one of her job assignments was to spear phish her boss. All she needed to know were a couple things about her boss’s hobbies, and she was able to send an email to her boss with an infected document. Reuhr said that even though her boss worked for a computer security company, they still opened the infected document.
It isn’t just phishing scams WU students need to worry about. The internet has made it easy for scammers to post fake job and housing advertisements also targeted toward students. Sites such as Craigslist have a reputation of being infested with these type of scams.
Although it’s almost impossible to be completely safe, it’s not very hard to protect yourself from most phishing scams or other types of scams found on the internet.
For example, in 2014, a presumed scam was posted on Reddit by the user “NORENTROOM” advertising a free room for students to stay in near Chemeketa Community College and WU. Reddit users gave readers warnings by labeling the room a murder room, stating students won’t pay rent because they will be dead. Other types of scams, according to MoneyTalksNews, are credit card scams, password scams, advance fee scams, online book scams and check cashing scams.
Although it’s almost impossible to be completely safe, it’s not very hard to protect yourself from most phishing scams or other types of scams found on the internet. As mentioned in an email sent by Wolpa, one thing to look out for is proper spelling and grammar. In both the phishing attack sent to WU students as well as the Reddit scam, improper spelling and grammar were used. Wolpa also stated that WU personnel will never send an email requesting personal information. Additionally, an email sent by WITS will always include a signature of the employee who sent it, and WITS will never use a service such as TinyURL to hide the address of a link. Ruehr advises students not to click on links on emails, even if it’s from someone you know.
“There are some obvious things to tell people not to do,” Ruehr said. “Don’t click on links in an email. If you are going to click on a link that somebody gave you, try to verify that it is a good link. You’ve got to look pretty carefully. Better yet, never click on links that somebody gives you. You can create the link yourself by typing in something that you know is legit, and then you get to the legit place.”
All these sophisticated scams can be worrisome in the digital age, and it can be sometimes hard to detect what is a scam and what is not. By using proper caution, it will decrease the chance of an individual becoming a victim. However, as Ruehr joked, there is only one way for one to completely avoid becoming a victim of a phishing scam, and that is to stay away from a river.