Phishing email causes headaches at University of Missouri

A phishing scam that led to delays in University of Missouri campus emails Tuesday happened after a Missouri Democratic Party message was used by someone else for nefarious purposes.

The emails began when staffers with the party sent messages to several campus emails Monday seeking student volunteers and unwittingly sent the message to a listserv address that then went out to all campus emails, a party spokeswoman said.

“One of the coordinated staffers was reaching out to folks from a publicly available student directory they found online and they didn’t realize one address was a listserve,” party spokeswoman Brooke Goren said. “It wasn’t anything intentional, they were just trying to get more students involved.”

MU spokesman Christian Basi said a student fell for a separate phishing scam after the Democrats’ email was sent. The hacker then used the information in the Democratic Party email in that student’s mailbox to send out phishing emails campus-wide.

The initial email seeking campaign volunteers Monday was identified as spam, Basi said, and the university adjusted its spam filters.

MU students received an email Tuesday night from campus technical support saying an individual used a student’s account to send a phishing scam to its distribution list.

The tech support message told email users the phishing scam went out to most faculty members, staff and students and included a link to a website telling those who received the email to contact a fake computer support center.

Gary Allen, MU’s vice president of information technology, said more than a million emails went out in about one-and-a-half hours.

Allen said they have since purged the suspect message from the email system:

“While email traffic was delayed during the event, MU’s IT systems were not compromised,” he said.

The university warned email users not to reply to the phishing email and to go to a campus support site for steps to protect their accounts.

{“url”:”https://twitter.com/Mizzou/status/1034556516932698113″,”author_name”:”Mizzou”,”author_url”:”https://twitter.com/Mizzou”,”html”:”&#lt;blockquote class=”twitter-tweet”&#gt;&#lt;p lang=”en” dir=”ltr”&#gt;If you clicked the link in the &#lt;a href=”https://twitter.com/hashtag/FallInternshipSpam?src=hash&ref_src=twsrc%5Etfw”&#gt;#FallInternshipSpam&#lt;/a&#gt; email, here’s some steps you can take to protect your account: &#lt;a href=”https://t.co/11MYkJnvCP”&#gt;https://t.co/11MYkJnvCP&#lt;/a&#gt; And once again, don’t reply to that email. &#lt;a href=”https://t.co/fwvsAFcrkI”&#gt;pic.twitter.com/fwvsAFcrkI&#lt;/a&#gt;&#lt;/p&#gt;– Mizzou (@Mizzou) &#lt;a href=”https://twitter.com/Mizzou/status/1034556516932698113?ref_src=twsrc%5Etfw”&#gt;August 28, 2018&#lt;/a&#gt;&#lt;/blockquote&#gt;n&#lt;script async src=”https://platform.twitter.com/widgets.js” charset=”utf-8″&#gt;&#lt;/script&#gt;n”,”width”:550,”height”:null,”type”:”rich”,”cache_age”:”3153600000″,”provider_name”:”Twitter”,”provider_url”:”https://twitter.com”,”version”:”1.0″}

Missouri Attorney General Josh Hawley’s campaign re-tweeted a message from the university’s main account about the incident. The campaign tied the Missouri Democratic Party to the email, questioning whether the party “engaged in an illegal phishing scheme” to get students’ information.

{“url”:”https://twitter.com/HawleyMO/status/1034602379818225664″,”author_name”:”Josh Hawley”,”author_url”:”https://twitter.com/HawleyMO”,”html”:”&#lt;blockquote class=”twitter-tweet”&#gt;&#lt;p lang=”en” dir=”ltr”&#gt;Hey &#lt;a href=”https://twitter.com/MoDemParty?ref_src=twsrc%5Etfw”&#gt;@MoDemParty&#lt;/a&#gt;, this is your email &#lt;a href=”https://twitter.com/Mizzou?ref_src=twsrc%5Etfw”&#gt;@Mizzou&#lt;/a&#gt; is talking about. So did you engage in an illegal phishing scheme to get students’ personal info? Or did the Russians do this too? cc: &#lt;a href=”https://twitter.com/clairecmc?ref_src=twsrc%5Etfw”&#gt;@clairecmc&#lt;/a&#gt; &#lt;a href=”https://t.co/Rt2Y5X6fNJ”&#gt;https://t.co/Rt2Y5X6fNJ&#lt;/a&#gt;&#lt;/p&#gt;– Josh Hawley (@HawleyMO) &#lt;a href=”https://twitter.com/HawleyMO/status/1034602379818225664?ref_src=twsrc%5Etfw”&#gt;August 29, 2018&#lt;/a&#gt;&#lt;/blockquote&#gt;n&#lt;script async src=”https://platform.twitter.com/widgets.js” charset=”utf-8″&#gt;&#lt;/script&#gt;n”,”width”:550,”height”:null,”type”:”rich”,”cache_age”:”3153600000″,”provider_name”:”Twitter”,”provider_url”:”https://twitter.com”,”version”:”1.0″}