Over the past two weeks, more than 1,000 graduate and undergraduate students, faculty, and staff have been targeted in a phishing email scam that aims to compromise personal data.
On Feb. 12, unidentified attackers posing as Harvard representatives began sending out emails asking recipients to update their account information by clicking on an included link, according to Christian Hamer, Harvard’s Chief Information Security Officer. The link led to a fake login screen requesting the user's HarvardKey or PIN.
“At this time, we know that only a handful of people provided their credentials,” Hamer wrote in an emailed statement.
The attackers were able to use account information garnered from a few users to gain access to PeopleSoft, Harvard’s human resources system, according to Hamer. Once inside PeopleSoft, the scam’s perpetrators could attempt to view targeted individuals’ W-2 forms, where those existed.
W-2s, federal tax forms provided to Harvard employees each year, report an individual’s income, taxes withheld, and Social Security Number, among other information.
“We believe the intended goal of accessing W-2s was to file fraudulent income tax returns to obtain tax refunds,” Hamer wrote.
Harvard Information Security first became aware of the scam on Feb. 14 and took immediate action. HIS staff blocked the attackers’ access to the University’s network, locked the Harvard accounts of individuals who had responded to the phishing campaign, and took down the fake Harvard login page, according to Hamer.
On Monday, Hamer sent an email to all students, faculty, and staff warning of the phishing attack, offering an example of the phishing email, and detailing what steps email recipients should now take. Information Security is continuing to contact individuals whose W-2s were accessed by the attackers, according to Hamer.
Scams and technology attacks are far from new to campus. In 2006, University social organizations were the targets of a fundraising scam. Last June, a security breach of the Faculty of Arts and Sciences and central administration information technology networks may have compromised individuals’ email login credentials. More recently, two Harvard freshmen said they were scammed out of more than $1,500 in a phone scam a little over a month ago.
In light of the recent phishing attempt, Hamer urged all Harvard affiliates to remain vigilant.
“Phishing is one of the most common scams on the Internet,” Hamer wrote. “We discover phishing campaigns with varying targets daily. We all need to be alert for phishing emails every day.”
–Staff writer Hannah Natanson can be reached at firstname.lastname@example.org. Follow her on Twitter @hannah_natanson.