Phishing scammers target USU professors, IT asks for caution

Cassidy Woolsey, staff writer

Computer security threats targeted USU professors on Jan. 16 and again on Feb. 12, said Bob Bayn, security analyst for USU’s information technology department.

Three professors were victimized by a phishing scam, resulting in stolen bank account information, Bayn said. This allowed the hackers to take money from their direct deposits on Banner.

The first scam originated from a Russian web server, misleading professors to enter their account information into a bogus Banner page almost identical to USU’s. The second scam originated from an Italian web server but had the same objective, he said.

“It was a very credible message,” he said. “Unless you knew what to look for, it was pretty deceiving.”

The message received had a forged USU sender address, a USU logo and had a link similar to usu.edu.

However, the distinction lied in what came before the usu.edu portion, Bayn said.

By hovering over the link before clicking, an unusual address before the usu.edu is shown, which indicates a scam.

“The warning we need to get out is to know where you are going before you click,” Bayn said.

IT is watching for suspicious activity and will warn people if another scam is reported. They will also be reviewing time stamps on direct deposits, Bayn said.

However, unless the victim uses Aggiemail, IT won’t be able to know if the hackers are reaching them through Yahoo, Gmail and other accounts, he said.

“It’s not just professors,” Bayn said. “Students can also be hit by this stuff. Just be cautious, and most likely in a year from now, I suspect this sort of thing won’t be successful and they will move on.”

The USU Controllers Office is currently working with the bank to resolve the issue.
“We filed a fraud report with the bank and they are working on it,” said Dan Christensen, a controller at USU.

Within the last six months, other universities have been target by related phishing scams.

In October, the University of Utah’s School of Medicine had a similar scam where at least three individuals’ direct deposit information was accessed and their paychecks stolen.

“I am surprised only three of our professors had stolen information,” Bayn said. “The message was fairly elaborate.”

There were 14 individuals who received the message and felt suspicious enough to alert IT. Bayn said that is how they became aware of the problem.

Colin Flint, a professor of political science, was a receiver of the phishing message. Flint said he realized it was a scam because of the unfamiliar address.

“I don’t get these types of messages very often,” Flint said. “I am always cautious when I get an email from someone I don’t know. This just reinforces that level of caution.”

cass.stephens12@yahoo.com