Washburn information technology reacts to latest phishing scams to hit campus

Michelle Hubler

Careful what you click: This is a screenshot of the latest phishing scam to hit Washburn. It is important to stay vigilant for emails like this one.

Since Covid-19, phishing scams have gotten more creative and prevalent, preying on all those who have now been forced to go online during the pandemic. Many have become victims of these attacks on Washburn University’s servers.

It looked like an email disguised as a Washburn address, wanting the students to sign a paper. Needless to say, many students, faculty and staff fell for this scam, requiring Information Technology Services (ITS) to temporarily disable their accounts.

Many people fall for this scam because hackers are getting smarter with their methods of attack. Homer Manila, director of ITS at Washburn, shares how to protect students from scamming.

“Make sure not to click on emails from people you don’t know,” said Manila. “When in doubt, you can always email I.T. [[email protected]] or call (785) 670-3000. They will be more than happy to check the email out for you.”

Common methods for phishing attempts will look like email attachments and links, pop-up windows or messages, phone calls, instant messages, text messages and fake system notifications.

“Scroll over the link. If it is really from Washburn or Microsoft, it will have a washburn.edu address or a Microsoft.com address. Also, it might have a caution flag on the email,” said Manila.

John Haverty, assistant director of User Services, works alongside Manila in Bennett Hall to help students whose accounts are disabled due to phishing scams.

“Call or email I.T.,” said Haverty. “They will walk you through the steps to restore your account access. Change your password to something that is completely different from any other password that you have used. If you can use a passphrase or a password generator, do that. Do not use the same password for all of your accounts.”

On the D2L Dashboard for all students and faculty, 2-Factor Authentication, or “Duo” became one of the main defenses against identity fraud at Washburn University.

“Duo is getting ready to start. Even if the hacker has your password, the hacker will not have your [specific] way to log in,” said Manila.

Click on this link to learn how to report phishing.

Edited by Donna Whipple, Savannah Workman, Abbie Barth and Matthew L. Self.