Phishing attacks aimed at N.C. State students, faculty members and staff are increasing because attackers are discovering ways to obtain money from university accounts, according to Kerry Digou, Information Technology Manager for Security and Compliance.
Within the last 30 to 60 days, institutions of higher education nationwide have noticed a huge uptick in phishing attempts, Digou said.
“We’re seeing more of it now because the attackers have figured out how to monetize it,” Digou said. “Your account is worth money to them.”
Phishers most commonly send emails posing as an official from N.C. State asking for Unity IDs and passwords. Their goal is to send out as many emails as possible in order to obtain the information of any University member who gets a paycheck through direct deposit, Digou said.
If the phishers are able to get into an account, they can change the student or faculty member’s bank account information so the money is directly deposited into the phishers’ bank account instead, Digou said.
However, of the attacks that the Office of Information Technology can verify, about one percent of all phishing attempts at N.C. State are successful in retrieving account information, according to Digou.
Stan Martin, director of outreach, communications and consulting for OIT, said when an account is compromised, that email address is often used to send more phishing emails because N.C. State email addresses look familiar and are unlikely to be sent to spam folders.
“It really is everybody’s responsibility to take the necessary precautions so their account doesn’t get hacked,” Martin said. “It’s not only them that is inconvenienced, but it also has an impact on the rest of the community because they are going to use that account to hit the rest of us.”
OIT is still looking for different solutions to tackle this problem.
“The emails are still working,” Digou said. “I don’t know what the solution to that is. We’ve said we will never ask for your information in an email or over the phone, and it still works.”
Universities are a soft target for phishing attempts due to how open they need to be about publishing the personal information of students and employees, Martin said.
In an effort to combat the rising phishing attempts, OIT has advised students to protect themselves by activating Google’s two-step authentication process, installing antivirus software, avoiding attachments from unfamiliar senders, verifying hyperlinks before clicking and, most importantly, never sending sensitive information in an email.
Last month, the Division of Human Resources decided to stop allowing online changes to direct deposit information, Martin said.
Martin stressed the importance of paying attention to emails claiming to be from an N.C. State official. Many of the phishing emails are written and designed by people who don’t speak English as a first language, so something about the email is likely to appear abnormal.
“Sometimes those messages look really legitimate, but sometimes you look at the email that somebody replied to and actually got hacked by,” Martin said. “We’re still amazed at the people who are falling for these.”
Phishers work solely through the internet and are often located in another country, which makes them very hard to track down and stop, Martin said.
“It really is a shell game to be able to track that stuff down, and it takes a huge amount of legal resources to do it, and they know it.”
While phishing attempts aimed at universities have spiked in the past two months, phishing has been around for a long time, and this is not the first time N.C. State has been faced with problems such as these, Martin said.
“The term phishing actually originated in 1996,” Martin said. “It has kind of progressed over time and become more sophisticated in terms of ways of duping people. This is only the latest.”