About Phishing Attacks

Introduction

This page explains

  • what phishing scams are
  • how they work
  • how to protect yourself, and
  • how to respond if your account has been compromised.

Phishing Defined

"Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication." (Source: Wikipedia)

How Phishing Scams Work

Many Biola email accounts have been compromised by phishing emails. These email messages attempt to steal NetID passwords by tricking you into clicking a link that redirects to a fake login page. Once you’ve signed in, they have your credentials, which they use to steal additional information or send more phishing emails from your account.

  1. A malicious actor distributes a link to a spoofed login page via email to a large number of Biola community members.
  2. A Biola community member enters their NetID credentials into the spoofed page, giving the malicious actor access to a valid Biola Google account.
  3. The malicious actor steals a new set of email addresses from the person's personal contacts or the Google Apps Contacts Directory and then repeats the process.

The Difficulty of Combating Phishing

There are two main reasons phishing attacks are so difficult to stop:

  1. Phishing email at Biola is coming from legitimate email accounts that were compromised when a Biola community member was fooled into handing over their username and password. It can’t be detected and flagged automatically using standard tools because unlike traditional spam, which is easily identified by where it originates, or the bogus accounts used to send it, phishing email comes from valid biola.edu addresses.
  2. Biola students and alumni, who tend to be most vulnerable to these schemes, are also the most numerous types of accounts in our Google Apps domain. If even a small fraction of these fall for the scam, this can have a significant effect on the broader community.

How to Protect Yourself

  1. Pause and think before you click. If you get a message and aren’t sure if it’s legitimate, delete it, or contact the IT Helpdesk using one of the methods listed in the sidebar to the left.
  2. Biola IT (or Google) will never close your accounts suddenly. Malicious actors love to prey on fear and uncertainty to get you to make a hasty decision.
  3. Be very skeptical of links in emails or attachments that take you to anything with a login screen. It’s better to type the address manually into your browser than to click. The following links take you to different websites; can you spot the fake without visiting the site?
    1. Gmail.com
    2. Gmail.com
  4. IT will never ask you for credentials or other sensitive information via email, text, or telephone.

How to Respond If Your Account Has Been Compromised

If you clicked on the link from a phishing email, and submitted your NetID credentials, please navigate immediately to login.biola.edu and do the following:

  1. Reset your NetID password.
  2. Confirm that the personal email address listed is yours – if not please remove it.
  3. Notify the IT Helpdesk immediately. This may allow them to secure the account before malicious actors can use it.

If you clicked on the link but did not submit your NetID credentials, no further action is needed. Simply delete the email.

If you need help, contact the IT Helpdesk using one of the methods listed in the sidebar to the left.

Biola University
13800 Biola Ave. La Mirada, CA 90639
1-562-903-6000
© Biola University, Inc. All Rights Reserved.