It could be you—one of the many students who have been victims of phishing emails and hacks in their Exeter.edu e-mail accounts.
Over the past couple of months, Phillips Exeter Academy students have found themselves under threat from unidentified hackers who have detected a vulnerability in the students’ email accounts and have exploited it to gain access to their accounts and those of other users of the Exeter email systems.
One way this has been made possible is by hackers sending various baiting emails through Exeter.edu accounts, and impersonating staff members through their accounts, with appealing content such as job offers and other topics that require personal information from the victims, like full name and postal address. The lure is as simple as clicking a link for more information, which leads to another portal.
Worse, the hackers use the accounts of Exeter summer students and distribute emails to different people as if they were the student themselves.
On May 21st, the manager of customer services and information technology services, Donna L. Archambault, sent an official email requesting all students to change their account passwords by the deadline of Thursday, May 24, at 6:30 a.m., in an effort to combat phishing emails. The email read:
“Dear New Students,
Over the last few weeks, we have experienced several email phishing scams. Unfortunately many of our community members provided their usernames and passwords to the hackers. The hackers are using these credentials to access Exeter email accounts and broadcast more phishing emails to the community.
When hackers have our credentials, it opens a door to dangerous activity. They are able to scan email accounts for sensitive information like bank account numbers or passwords. They could use those credentials to find a path into the systems that house grading, payroll, or endowment information. They could hijack your computer with ransomware. We have no evidence that data has been compromised, but the risks are very real.
In an effort to stop the phishing, we are forcing all users to change their password. If you have not changed your password, it will expire Thursday, May 24, at 6:30 a.m. If your password expires, you will not be able to log in to PEA resources such as email, Lion Links, Exeter Connect, and Canvas.”
Mrs. Archambault also told students not to click on peculiar links.
As recently as last Thursday, July 19th, a job offer email from a peculiar company was sent to various Exeter summer students. This job opportunity offered $450 per assignment, the assignment being to go to any retail store or convenience store, such as 7-Eleven, Target, Costco, Macy’s, or JCPenney, and report on the customer service given, claiming that it was an attempt to help solidify the attention given to customers and also the stores’ customer service. Like other phishing emails, it asked the reader to click a link, and this link led to another portal, which proceeded to ask for information like your name and address. What seemed strange was that this suspicious email was sent around 2 in the morning.
William Nguyen, 15, a student in the Exeter summer program and a victim, like many others, of this phishing email, said, “When I first read it I considered the offer.” This demonstrated how appealing the content in the letter must have been. When asked about the textual content of the email, William said, “The email said that they would be paying me a few hundred dollars to go shop at a mall and certain locations, and report the experience back,” and when questioned about his awareness that phishing emails were going around, he said, “No, I wasn’t aware of accounts being hacked before this happened.” Then, when asked how he felt about the email in the end, he light-heartedly replied, “I thought it was badly put together. The click here link didn’t have a space in between. It said, ‘Clickhere’ as one word.”
Fortunately, the Phillips Exeter Academy IT department is still working hard to combat this issue, and shortly after the job offer email went around, Mrs. Pamela Dumont, an IT staff member, distributed an email that asked students to not enter their PEA username and passwords on unfamiliar websites, and to not click on any suspicious links, warning them to change their username and passwords if they had ignored the first two procedures.