There has been a rise in the number of phishing emails sent to Oxford students’ accounts, causing the University to temporarily block Google Docs.
Disabling Google Docs, a website for storing documents online, was a measure taken to prevent emails which appear to be from University officials. Students are increasingly targeted by hackers seeking their account details as university accounts can be used to send spam emails and appear legitimate.
In a blog post on their website, OxCERT (Oxford University Computing Service) explained the decision to block Google Docs, saying, “Over the past few weeks there has been a marked increase in phishing activity against our users. Now, we may be home to some of the brightest minds in the nation. Unfortunately, their expertise in their chosen academic field does not necessarily make them an expert in dealing with such mundane matters as emails…It only takes a small proportion to respond for the attacks to be worthwhile.”
The blog post continued, “Almost all the recent attacks have used Google Docs URLs…We considered these to be exceptional circumstances and felt that the impact on legitimate University business by temporarily suspending access to Google Docs was outweighed by the risks to University business by not taking such action.”
A Google spokesperson defended Google Docs, telling Cherwell, “Google actively works to protect our users from phishing attempts. Using Google Docs, or any of our products, for distribution or coordination of phishing is a violation of our product policies, and we will remove any forms or disable accounts discovered to be used for these purposes.”
Phishing through Google Docs is part of a wider increase in the practise within the University. In an email to Oxford students, Professor Paul Jeffreys, Oxford’s Director of IT Risk Management, warned, “You may recently have received fraudulent emails asking you to visit a website to supply your username and password, or requesting that you send them by email…There have been a very large number of such emails sent recently…Don’t be tricked into handing over your password as a result of these emails.”
Several undergraduates received phishing emails last week which claimed, “You will be unable to send and receive mails and your email account will be deleted from our server. To avoid this problem, you are advised to verify your email account by filling this maunal [sic.] information.” A link to a Google Doc for student usernames followed.
The amount of other spam emails reaching Oxford students has also increased. Undergraduates have received three emails from the websites ‘Lashzone’ and ‘Lashxone’, with the most recent being sent on Saturday 23rd February. Their website states, “We offer professional assistance on post-secondary homework, assignments, essays, lab reports, assignment revision…etc. You get the idea?”
A University spokesperson commented, “While Oxford University has extensive anti-spam defences in place, spammers are constantly adapting their tactics to evade our countermeasures. IT Services have to balance the risks of spam attacks against the risks of disruption to legitimate email traffic. Unfortunately this means that it is inevitable that some spam will get through the defences – this particular set of messages was just one of hundreds of spam runs that hit the University each day, and often many runs come from the same source.”
Regarding emails from Lashzone, the university stated, “IT Services have been in contact with the Proctors’ Office regarding the mails from Lashzone. We are satisfied that reasonable technical countermeasures are in place, but these are continually reviewed in view of evolving threats.”
When pressed about criticism from universities, a Lashzone spokesperson commented, “We smile and walk on.”
