Chapman’s IS&T team urges students to be cautious as scam emails increase

Chapman students have noticed a rise in suspicious emails sent to their school accounts, which began at the end of last school year. These email subjects vary, but all ask for the personal information of students with the intent to gain private information or solicit money from the receiver.

Katrina Wysokinski is a junior health science major and noticed that she received a few job scam emails over the summer.

“When it comes to these emails, I am frustrated to see that they are in my inbox, but I feel like they are easy to spot,” Wysokinski said. “The offers are just too good to be true.”

Most emails offer students a promising remote job opportunity or are phishing to gain access to their usernames and passwords. Many of the emails offer remote or work-from-home positions and then ask for banking information. 

Amanda Palacios, a junior integrated educational studies major, commented on how she perceives these emails.

“I think that the emails are a little annoying as I use the email account for school and important communications, but I keep having to see and ignore constant scams popping up,” Palacios said. “Chapman keeps telling us to watch out for them and let them know if we see any, but they never let us know what they are doing on their end to fix this problem.”

Chapman’s Information Systems and Technology (IS&T) team sent out a warning to students of these scams on Aug. 25. 

Weeks earlier on Aug. 1, Dean of Students Jerry Price detailed that both students and alumni had fallen victim to these scams, resulting in the loss of thousands of dollars.

“The goal of the scam is to eventually manipulate students into providing financial information,” Price wrote in the email. “The sender is able to make the job announcement appear to come from another Chapman student or employee, which makes it seem more legitimate.”

Michelle Sypinero, Chapman’s assistant vice president of information security, explained why students are being targeted for these specific types of scams.

“For attackers, education institutions are a particularly enticing target for attack as colleges and universities hold sensitive data on students, including personal and financial information, as well as accounts and passwords, which are very valuable for attackers,” Sypinero said. “Scammers know that students are often busy, stressed and looking for job opportunities, making them more vulnerable to falling for fraudulent offers.”

Sypinero detailed that one way that scammers can get email addresses is a tactic called email harvesting. This strategy consists of a person instructing a bot to find email addresses with the “@” symbol, allowing thousands of emails to be found in seconds.

She also stated that these emails often look like they are from real companies or organizations. 

In the emails, they will ask the receiver to click a link or open an attachment, allowing them to immediately access information about them.

When opening an email from an unknown sender, IS&T recommends that students verify the sender's identity before sending information or clicking on any attachments. 

They also advise forwarding suspicious emails to the IS&T Information Security department at abuse@chapman.edu.

To help protect yourself and other students, the university recommends never sharing passwords or banking information, as the university or other organizations will never ask for these pieces of information.