Mail server

Phishing Scam Hits NIU Mail Server

more than 9,000 fraudulent emails sent to students

Getty Images

NIU was the subject of a phishing scam on Tuesday that targeted more than 9,000 student email addresses after two accounts were compromised.

DeKALB— Two student email accounts were behind a phishing attack that saw more than 9,000 emails sent through the NIU Office 365 server on Tuesday, according to NIU DoIT and NIU Communications.

The emails sent to the students solicited part-time job opportunities from the humanitarian organization UNICEF, which paid $500 a week. After the recipients opened the email and provided additional account information, the intruders were able to infiltrate two student email accounts to send more emails.

Although phishing incidents are very common, NIU DoIT said this number of successfully sent emails is a significant number.

The email has been deleted from the NIU mail server and all recipients have been notified of the phishing attack. Users who responded to the account were also contacted to properly save their accounts, according to Joe King, associate director of corporate communications at NIU.

NIU uses Microsoft Office 365 email protections as well as multi-factor authorization on all student accounts to prevent scams such as phishing and other malware.

If you believe you have been phished on an NIU account, the university asks you to mark the email as phishing and then forward the email as an attachment to [email protected]change your account password and immediately contact the IT Help Desk at 815-753-8100 to discuss next steps.