UPDATE: Phishing Emails a CEO Attack; ITS Emails a Precaution

James Miranda and Joseph Tucci

A week after an email claiming to be from Pace President Stephen Friedman was identified as a phishing email, Information Technology Services (ITS) has been working to identify the nature of the email and to help the Pace community protect itself from similar attacks.

Information Security Analyst Lawrence Robcke couldn’t confirm specific details such as the origin of the email and could not disclose whether there was an investigation, but he stated it was a “spammer,” not a “hacker.”

The sender addresses, however, were not pace.edu addresses, as disclosed in the ITS emails.

“The type of attack is known as a ‘CEO attack,’ so, basically they use somebody of influence within the place of work,” Robcke said. “But you got to take a minute and use common sense on this and ask yourself, ‘would the president of the university be communicating with you directly in regards to your account?’ That’s not something that happens with any legitimate company or any legitimate technical source.”

CEO attacks are meant to create a sense of urgency and distract people from the source of the email.

The attachments in both phishing emails contained websites that requested credentials. One included a PDF that, once opened, contained a link to a phishing website that would then request users’ credentials.

Several staff members first reported the emails to the ITS department, according to Robcke.

Both ITS emails cautioned the community to be vigilant for similar emails in the coming months and throughout the rest of the year. Emails of this nature happen on a “daily basis,” according to Robcke, who said it’s hard to catch every single one.

“We would like to continue to emphasize that in the future, if [students, faculty, or staff] get emails such as this don’t just delete them, send them off to the Helpdesk itself,” Robcke said. “We also have [email protected], another line of communication where emails can be forwarded to us.”

ITS Director of User Services Shikha Bajracharya and the ITS Helpdesk sent out two precautionary university-wide emails Thurs., Jan. 26 alerting Pace to the circulation of two separate phishing emails.

The ITS emails were sent out as a precaution that the Helpdesk always takes. They elect not to send the precaution emails all the time, however, because they do not want to consistently bother students and faculty.

But Thursday’s two emails took precedence, according to Bajracharya.

“What we sent out last week was a precautionary notice,” Bajracharya said. “We weren’t sure at the time that we sent it out who got it all because it can go to a hundred people, a thousand people, it could go to everybody; you really don’t know. So, while a lot of our security folks were trying to figure out what’s going on and the details, we just said, ‘you know what, better safe than sorry.’”

Robcke also said “you can bet” that other schools may have been targeted, but nothing’s confirmed.

The number of people who received the phishing emails is unknown, according to the ITS Department.

The ITS Helpdesk website provides education regarding spam and phishing emails as well as optional alert systems for students, faculty, and staff. The department highly encourages the community to educate themselves regarding online dangers.