Duo authentication is optional unless you’ve had a compromised account. Right now, we have about 600 users doing the two-step authentication for email. Not all are victims of clicking on a fraudulent link; some are just being proactive. We haven’t had any problems from accounts being overtaken when users have Duo authentication with their email.
Q: How is the ITS department continuing to prevent the phishing emails and protecting students from them?
A: One of the projects we were hoping to have rolled out soon, but we want to make sure its done right, is a solution from Cisco called Email Security that does spam and phish filtering. We are working on detecting spam and warning users. It gives us a warning on some emails for users to proceed with cation. This tool can look into a link and won’t let you get to it saying the site is not to be trusted.
Q: How much damage if any has been caused by phishing emails?
A: For us, we’ve calculated it is about 30 minutes of staff time working to fix every compromised account. People on security team and in the Technology Support Center are all putting time in. We have spent thousands of man hours on this. We’ve had people who have been affected with their direct deposit being tampered with and W-2 form information have been accessed by hackers who have tried to get a refund with the tax information.
Q: What are possible solutions to this problem going forward?
A: Better filtering of the Cisco to stop the phishing emails from coming in in the first place, making students and staff aware of common signs of a fraudulent email and ultimately two-factor authentications are very effective methods. It is important to remember that the University will never ask you to submit your password through a link in an email marked “urgent.”
For examples of phishing emails and tips to protect accounts from becoming compromised, visit the Information Technology Service’s web page on phishing at https://www.bgsu.edu/its/infosec/phishing.html.
