BY A.J. SPIRITO // DEC. 17, 2012 //
If you’ve ever eaten the canned meat SPAM, you know just how unappetizing it can be. The email version by the same name is just as bad.
Just ask Chris Swenson, Curry’s network manager, who has had more than his fair share of sickening days this semester due to successful email phishing schemes.
The problem, Swenson explains, is that different faculty, staff and college administrators at Curry have fallen victim to schemes in which recipients are asked—under false pretenses—for their user name and password. Once the information is obtained, thousands of spam emails are maliciously sent from that user’s account. As a result, email service providers such as AOL and Comcast block all emails that end in curry.edu.
The process to unblock is long and tedious, Swenson says.
The college uses a spam filter called Barracudo, which prevents about 70 percent of all spam and phishing messages from getting into Curry email inboxes. However, “In recent months, spammers have improved their messaging, making it look more real,” Swenson says.
Curry’s IT department has repeatedly sent notifications to faculty, staff and others warning about suspicious emails from unknown parties. However, with some 900 paid members of the Curry community, it’s difficult to get through to everyone, Swenson explains.
Nancy Gallagher, an administrative assistant in the Science and Math Department, says her approach is simple: She “just delete[s] anything suspicious looking on my email.” Almost everyone on campus does the same thing, but it takes only one mistake to damage all who use a curry.edu account.
According to Swenson, students have been unaffected by the phishing and spamming schemes because their email is through Gmail. In addition, the two-day Internet outage on campus in mid-November was due to problems with Verizon, the college’s Internet provider, not because of email spam.
Swenson was also quick to point out that there are other, bigger risks associated with falling victim to an email phishing scheme, including identity theft. So, he wants to remind everyone that if Curry’s IT department wants to contact members of the college community, the email will come from a Curry account. In addition, the IT department would never ask anyone for their username and password.