LJWorld.com weblogs Heard on the Hill
Phishing for compassion
Last week we reported on IT security at KU. The story focused largely around the possibility of a sophisticated stealth attack on the university’s computer system. But that certainly isn’t the only type of cyber-threat the university and its network users face.
When I sat down with Rob Arnold, KU’s information security officer, he said one of the biggest security threats doesn’t come from attacks on the system itself at all.
“We know from a large amount of data available to us that the most successful attacks are not technological attacks, but people attacks,” Arnold said. Those “people attacks” refer to attempts to trick students, faculty and staff into giving up information or network credentials. When this is done in email form, it’s called “phishing.”
A KU American Studies faculty member, Randal Jelks, unwittingly became the focal point of a bizarre phishing scam after hackers recently stole his email contact list. Channel 6 News reports that phishers sent emails to Jelks’ contacts claiming to be him and saying he was stranded without his wallet in the Philippines and money.
I really hope you get this fast. I could not inform anyone about our trip, because it was impromptu. we (sic) had to be in Philippines for Tour... The program was successful, but our journey has turned sour. we (sic) misplaced our wallet and cell phone on our way back to the hotel we lodge in after we went for sight seeing. The wallet contained all the valuables we had. I am sorry if i (sic) am inconveniencing you, but i (sic) have only very few people to run to now. i (sic) will be indeed very grateful if i (sic) can get a short term loan from you (2,800USD)? (sic)
Aside from having his identity hijacked for unsavory purposes, Jelks was miffed by the poor grammar attributed to him. As he told Channel 6: “It was so poorly written that I thought c'mon guys give me a little bit better credit than that.”
I would like to think it was my cyber-safety savvy that kept me from immediately forwarding $2800 U.S. dollars to poor Fake Randal Jelks, who was out there wandering penniless in remote lands. But it’s hard to say. Such scams are especially pernicious because they erode our faith in our fellow humans. More, they test and perhaps even dull our compassion reflex.
Consider if the email had been real, and better written. What if Real Randal Jelks had been stranded and in need of a direct wire transfer from somebody? Would I have sent him the money? (Let’s just pretend that I’m good for $2800, though that’s a fiction as bizarre and unlikely as that made up by Fake Randal Jelks.)
We can’t let the world’s phishers and scammers make cynics of us. Let’s build a better world. You can start now, by sending your KU news tips to firstname.lastname@example.org. Please also send a loan of $2800 USD immediately to ensure my safe return from the Philippines.