Naperville Central staff receiving influx of phishing emails
October 23, 2018
Naperville Central staff have been receiving an influx of emails falsely claiming to be from Principal Bill Wiesbrook. Common terms used to describe this issue are identity spoofing and phishing.
“[Spoofing is when] I assume someone’s identity, and a phishing attack means I’m going to send you an email message to incent you to give me information,” said Director of IT Infrastructure Joe Jaruseski.
While the senders’ names typically match Wiesbrook’s, the email addresses do not.
“If you open up an email and it looks like it comes from somebody you know and trust, you’re more likely to think it’s legitimate,” Jaruseski said. “If you check the name and let your mouse hover the email, and see that it didn’t come from the email address of the person it was supposed to come from, then it’s likely a phishing attack.”
Phishing attacks are illegal attempts to obtain personal information and often have malicious intent.
“Bad actors will go on a corporation’s or school district’s website, find out the names of the leadership and try to assume their identity,” Jaruseski said.
As Wiesbrook’s name, position, phone number, email and picture are easily accessible on Naperville Central’s website, he is vulnerable to identity spoofing.
“A few staff members said to me, ‘I got an email allegedly from you, saying you wanted my credit card number,’” Wiesbrook said. “Right around the time I heard that, the principal at Naperville North told me that people [there] were getting scam emails from her.’”
Aside from having his identity spoofed, Wiesbrook has received phishing emails as well.
“Occasionally this school year, emails appear in my inbox that look like they’re coming from someone I know,” Wiesbrook said.
The fraudulent emails will typically contain links that, if clicked on, ask the recipient to log into a system. By doing so, they reveal that account’s username and password to the sender.
“All hacking is financially driven,” Jaruseski said. “You reuse passwords and login names because you’re never going to remember them all. The login name and password you use for your district account may be the same one you use for your banking, finances, savings and investment opportunities.”
Upon receiving a staff member’s district password, bad actors, used to describe the party behind the attack, may then use it to attack other assets.
“They’re going to try to find other places that might use the same login name and password and get access to your banking and financial systems,” Jaruseski said.
Emails outside of District 203 now contain yellow warning boxes reminding recipients to verify the sender’s identity; emails that falsely assume Wiesbrook’s identity are blocked. Traffic from countries viewed as bad actors, including North Korea, Iran, Iraq and potentially China, is often blocked as well.
The district is also considering additional solutions regarding information security.
“We’re looking for technologies to put on our email system that will open up an email that looks to be fishy, and explore the origination address in the background,” Jaruseski said. “It will realize domain and name differences, and then send you an alert.”
The issues of phishing and identity spoofing are not unique to District 203.
“Phishing is an issue that’s been around for many years,” said Matt Fuller, Assistant Superintendent of Technology and Innovation at the Barrington 220 School District. “It’s gotten worse in the past five years.”
Communication is critical in addressing the attacks. Barrington 220 has a blog that discusses issues such as phishing. KnowBe4 is resource utilized by several schools, which Fuller describes as an anti-phishing company.
“The main thing we try to do is tell people [about phishing] in advance,” Fuller said. “When a specific phishing attack comes out that’s widespread, we will send emails showing what it looks like.”
Although content of phishing emails may vary, bad actors share a common goal to obtain usernames and passwords that may be used for other accounts.
There have not been reported issues of students experiencing phishing attacks. However, it is important that students remain aware about what to look out for and potential consequences.
“If an email is sent to you that contains a link, that should immediately be suspect,” Jaruseski said. “If you recognize who sent it to you, go ask them. The best thing to do is to use common sense.”
bean • Nov 1, 2018 at 11:58 am
Phishing is one of the biggest threat to this world because in this technique attacker sends the spam link to the victim in order to obtain the personal information. There is some new phishing removal scam introduced by the Office 365 that will give the protection from phishing and error code 0xc004f074 occurs then it will automatically remove it.