Cell phones, computers, and other online devices are essential parts of our daily routine at Hunter College. Many software apps, such as Instagram, LinkedIn, and Adobe Cloud, offer their products and services to consumers. And to use these third-party services, users have to sacrifice their privacy and provide their personal information. This breach of privacy can trigger data leaks to unwanted users, often in the form of scam emails. Hunter College students receive these phishing emails frequently enough for faculty to take action. The mass email sent on September 22, by Eija Ayravainen, Vice President of Student Affairs, offered tips to identify what a potential scam email could look like by giving these examples: “$800 weekly part-time job offer” and “I am giving out my antique piano for free.” Emails like this are often scam emails, where the offer appears too good to be true.
According to Jonathan Montoya, a sophomore student majoring in history education at Hunter College, “These scam emails do not include an ‘unsubscribe’ option from the emailing list. You can’t really stop these emails to be honest, they just keep coming,” said Montoya. “Some of these emails are very funny because of how unrealistic the offer in the email is.”
According to the United States Federal Communications Commission, the CAN-SPAM Act protects individuals from unwanted commercial emails. Specifically, Section 14 of the CAN-SPAM Act requires the Commission to develop rules to protect consumers from “unwanted mobile service commercial messages.” All commercial email communications also are required to include a “unsubscribe” or “unsubscribe from the emailing list” hyperlink somewhere in the email. This act protects email recipients from mass unwanted emails.
Another Hunter College student, Victor Franco, a junior who majors in human biology says, “I get one of these scam-like emails to my school email account at least once a week.” Many of these emails seem realistic enough to provoke follow-up questions. In this instance, Victor tried to contact an email sender who left their phone number in hopes of getting an internship. “I thought it was a real internship opportunity but it won’t let me take too long to realize it’s only a scam once they want me to give them my social security email over text message.”
How these scammers have access to Hunter College school emails is still unknown. Another Hunter College student, Helen Moran, a sophomore majoring in pre-med, thinks that cyber-hackers may have tapped into the Hunter College database to gain access to all student emails. “Online hackers probably hack the school system to get student emails. Since Baruch College got all of its data stolen by hackers, I think it is a possibility,” said Moran.
On September 25, Baruch College had a ransomware attack that forced the students and faculty to switch to remote learning. The attack forced Baruch College to close its campus to “non-essential faculty members” for the following day, September 26. Services like internet connection on campus, VPN access, on-campus remote desktops, Microsoft OneDrive, and DropBox were unavailable due to the ransomware attack.
Another way online scammers may have access to student emails is through purchasing data. Many third-party platforms collect our information and go on to sell it. According to the Stored Communications Act of the United States Federal Communications Commission, any information an individual provides to a third party is no longer private information and no longer under the protection of the 4th Amendment of the Constitution of the United States. Therefore, any third-party service may legally sell its users’ data.
The Undergraduate Student Government of Hunter College published a guide on its Instagram account to increase awareness against scam emails. A few preventative tips included in the guide are:
- Ask you to click a link in an email to “update your password.”
- Ask you for your bank routing number or bank information.
- Ask you to cash a check, conduct a wire transfer, or purchase a gift card.
- Ask you to click a link or provide personal information for an unsolicited internship or job opportunity.
“Checking the email sender’s address and avoiding unrecognizable attachments helps keep your information safe,” USG adds in their scam guide. “Students can report any suspicious emails to campus public safety by emailing to itsecurity@hunter.cuny.edu.”