If it seems like have have received more spam or phishing emails in your Pace account than in years past, that is because you have. Online attackers use email to send large amounts of messages to people and are constantly evolving the way they approach their scams so they can get around defenses that protect people online.

However, it is not just Pace students and faculty that are receiving these emails. It happens to all large organizations, such as schools or businesses. Receiving emails from ITS also means that more people are reporting suspicious emails, which is good for helping ITS send out timely alerts to the Pace community. 

The Director of Information Security at Pace, Chris Bohlk, explains that most spam or phishing emails get blocked by security controls before they are received by students or faculty. 

“Attackers are continuing to find new ways to attempt to bypass security controls and get their emails to users,” Bohlk said. “Many messages are blocked by security controls and do not reach users. In fact, over a 90 day period, 58% of incoming emails to Pace were detected as spam and prevented from being delivered to the user’s inbox. When an active phishing campaign is identified and poses a significant threat, the Information Security Office strives to send out timely alerts to the community.”

People can protect themselves online by remaining vigilant to emails that might be trying to manipulate them, keeping passwords secret and unique, only going to trusted websites, keeping your computer browser updated with the latest antivirus software and being careful about downloading or installing any type of software. Spam emails typically contain a sense of urgency, telling the recipient to take action immediately or else the hacker will take action against them (such as locking them out of their account, leaking a video of them, etc.) It is important to be aware and think twice before taking action or opening links that look illegitimate. 

Junior Caitlin Kanaby has been receiving emails from hackers who claim they have access to her accounts and passwords. One email even put a virus on her laptop.

“After the first email I went directly to IT and they helped me by first sending the original email to the Information Security Office on campus, then helping me install antivirus software onto my laptop,” Kanaby said. “They also helped me change my password on my laptop. They were very helpful.”

ITS will keep reported incidents confidential. They work to identify, block, contain and respond to ongoing spam or phishing campaigns. If nessacary, an email warning the Pace community about the spam will be sent out. 

“If a Pace community member believes that they have accidentally provided their username and password as a result of a Phishing message and the Helpdesk is not immediately available they can change their password on their own at http://adam.pace.edu,” Bohlk said. “You should also change your password on each device where the same account is used. This helps to prevent the account from being locked out due to incorrect username and password login attempts.”

Users who have received a suspected Phishing message can send the original email as an attachment to [email protected].