Bill Ouchark (pictured), the Chief Information Security Officer at WCC, discusses cyber safety and phishing emails in the college community. Photo credit – Sara Faraj
By Rachel Bennett
Contributor
In the internet age, nothing is safe. Cyber hacking and email spam put unsuspecting students at risk. Recently, WCC staff and faculty members received an email from someone claiming to be President Rose Bellanca. The sender of the email attempted to obtain personal information from targeted parties. Cybercriminals set up fraudulent emails to steal a person’s credentials, such as passwords, credit cards, social security numbers and other personal information. This practice, called phishing, is when emails are designed to trick an individual or groups of individuals by appearing to be a reliable organization or person. In this case, the cybercriminal claimed to be President Bellanca in order to steal information from the staff. Phishing is a form of Social Engineering, designed to illegally acquire information; which could be as simple as requesting recent updates or confirmation of account information, often suggesting a problem. The email will then direct you to a fake link or website where cybercriminals then steal the information.
To avoid becoming a victim of a phishing email, always look before you click on an unfamiliar link “Anybody after credentials can create a phishing email” says Bill Ouchark, Chief Information Security officer. “Before clicking, hover the mouse over the hyperlink and see if the message above the hyperlink matches it. If not, it could be a phishing email”. When looking for phishing emails in your account, a red flag could mean the address is unexpected or unusual with an embedded hyperlink or attachment. Another common red flag are emails that are sent from an outside organization that aren’t in any relation to jobs or social groups in your life.
WCC and legitimate businesses will never ask for your passwords or any personal or financial information by email. The best way to avoid becoming a victim of a phishing email is to never send personal or financial information over the internet. Since the recent phishing email incident, WCC staff put together a technical class, which teaches about phishing scams and how to avoid them. The best tragedy for avoiding a phishing scam is to not open any unexpected links from unfamiliar parties. If any students think they have received a phishing email, the recommendation is to change all passwords on your accounts and to report the email to abuse@wccnet.edu.
