Phishing Email Circulates Pace Network

Pace’s ITS (Information Technology Services) Helpdesk sent out university-wide emails alerting the community about spam and phishing emails on Thurs., Jan. 26.

The ITS department sent two emails at 1:18 and 1:44 PM, respectively, alerting students to the existence of two spam and phishing—scams designed to provoke the receiver into disclosing personal information—emails from individuals claiming to be Pace President Stephen Friedman.

The first email described that a spam email was circulating and included a photo of the first phishing email, which told the receiver to open the attachment for an important announcement and claimed to be Friedman.

The ITS email included their contact information for emergency if any receiver opened the attachments, information regarding what phishing is, and other guidelines regarding fake web forms.

The first phishing email as depicted in the email sent by Pace ITS Helpdesk. Photo from ITS email.

The second email similarly included the same details and guidelines, but included the sender’s other email again claiming to be Friedman.

A photo of the second phishing email was provided and described a “new development” that will benefit everyone and an attachment to read for more information.

Both phishing emails included attachments, but the contents of the attachments are unknown at this time.

The second phishing email as depicted in the email sent by Pace ITS Helpdesk. Photo from ITS email.

It is unclear if there will be an investigation on the origin of the email.

Director of Campus Safety and Security Vincent Beatty said that security will not be leading any investigation.

“Generally no [we don’t deal with these types of things],” Beatty said. “IT has a staff that is better suited to deal with these types of scams.”

The ITS Helpdesk was not available for comment and Information Security Analyst Lawrence Robcke declined to comment as well due to it being a security issue.

This isn’t the first time this school year that Pace emails have been hacked or an email scam circulated.

An Arizona man was arrested Nov. 2 for hacking over 1,000 Pace emails and social media accounts in search for lewd and embarrassing content between Oct. 2015 and Sept. 2016.

Pace notified the FBI in August and an investigation ensued, which discovered that Jonathan Powell, 29, used a password-reset tool to gain access to emails and changed passwords.

The investigation found he attempted to do the same to 75 other universities and faced five-years maximum in prison for fraud.

This is an ongoing story and there will be an update.