Some email accounts linked to the University of Chicago received an Oct. 2 message that said recipients needed to update their details and provide passwords or risk losing access to their school email accounts. While coming from a legitimate university email address, this message was actually a phishing email.
A phishing email is a message that pretends to be from a trusted source but actually contains a link with malware that can do anything from stealing sensitive information to freezing a computer.
According to Brian Hewlett, director of innovation and technology, the recent incident was the first occurrence like it in over half a decade.
“Emails that come from uchicago.edu are 99% of the time legitimate,” Mr. Hewlett said, “and so this time because the attacker used a legitimate account to send a malicious message, it got through.”
According to Mr. Hewlett, if students ever receive an email that claims to urgently need personal information, financial information, or your passwords, it is important to report them to University Information Security to help prevent the email from spreading further.
“You can always report those and that just helps the algorithm better detect them,” Mr. Hewlett said. “The more people that start reporting them, the easier it is.”