AUBURN, Ala. (EETV) - October is cybersecurity awareness month, and with a recent phishing scam sent to hundreds of Auburn students, it's more important than ever to know how to identify and report scams to protect yourself and others.
The phishing attempt was sent by email to Auburn student Sophia Weber in early October. The subject read "AUBURN IT SUPPORT ACTION REQUIRED" and claimed her Auburn account would be terminated. The attached QR code, with message "Kindly scan the QR code below to cancel the termination process.", linked to a form where Weber entered sensitive information, such as her password and student ID number.
Weber's account was compromised and used to send a similar email to hundreds of other Auburn students. Auburn Office of Information Technologies quickly responded by temporarily shutting down her account. Weber was able to change her passwords and restore her account after losing access to Wi-Fi, Canvas, TigerCard, AU Access, and other Auburn services for more than a day.
We spoke with Auburn OIT Cyber Security Engineer Jim Weber about the situation. While he could not comment on this particular instance, he did provide words of advice on how to identify and report phishing scams.
Weber reassured that most phishing scams are blocked from ever reaching Auburn inboxes. Yet, some can still slip past protective systems. Weber offered three "warning signs" to identify phishing scams: 1. the message is unexpected, 2. the message is trying to evoke emotions, and 3. the message is asking you to do something. He notes that if an email, text, or call contains any or all of these, it could be a sign that it is a scam.
To view examples of real phishing scams, visit https://www.aub.ie/phishtank or visit https://www.aub.ie/cybersecurity for information on what to do if you fall for a scam.
