more than 9,000 fraudulent emails sent to students
DeKALB— Two student email accounts were behind a phishing attack that saw more than 9,000 emails sent through the NIU Office 365 server on Tuesday, according to NIU DoIT and NIU Communications.
The emails sent to the students solicited part-time job opportunities from the humanitarian organization UNICEF, which paid $500 a week. After the recipients opened the email and provided additional account information, the intruders were able to infiltrate two student email accounts to send more emails.
Although phishing incidents are very common, NIU DoIT said this number of successfully sent emails is a significant number.
The email has been deleted from the NIU mail server and all recipients have been notified of the phishing attack. Users who responded to the account were also contacted to properly save their accounts, according to Joe King, associate director of corporate communications at NIU.
NIU uses Microsoft Office 365 email protections as well as multi-factor authorization on all student accounts to prevent scams such as phishing and other malware.
If you believe you have been phished on an NIU account, the university asks you to mark the email as phishing and then forward the email as an attachment to firstname.lastname@example.org your account password and immediately contact the IT Help Desk at 815-753-8100 to discuss next steps.