Have you recently experienced delays trying to send or receive email from your Queen’s account? Have you had problems with your Hotmail? Or, maybe you’ve received notifications from ITServices describing issues with the email system? If you can answer “yes” to any of these, then you already have an inkling of the problems being caused by compromised accounts.
Email accounts become compromised when an outside party learns someone’s NetID and password. By far the most common way this occurs is when the owner of the account freely gives this information away. They usually do this because they have received an email requesting this information, an email that most likely comes with an accompanying threat of account termination. Emails of this nature are fraudulent; they are a hoax known as “phishing”. The sole intent of such email requests is to get someone to give up their personal and confidential information – information such as their NetID and password. 759 accounts have been compromised at Queen’s since the first day of classes in September 2010.
It only takes one person giving away their NetID and password to compromise the mail system of the entire University. The recipients of this information are likely to use it to “hijack” the Queen’s email system and then send unsolicited email through it by the tens of thousands. This type of unsolicited email is known as spam, and it can cause a number of problems. First, if there are thousands of emails queued in the Queen’s system, it can cause significant delays before mail gets delivered. Monitoring the mail queue and dealing with such attacks is resource-intensive and costly. Normally, the mail queue is 150-200 messages long; when under attack, it can be as high as 360,000. Monitoring and cleaning up the queues, and rerouting mail when required, takes as many as 50 hours per week – that’s more than one full-time staff person!
In addition, some service providers, such as Hotmail, Google and Yahoo, have been blocking all email that comes from an @queensu.ca address because the hijackers have been using our system to launch spam attacks directly against them. When a service provider such as Hotmail blocks Queen’s email, it means that any Queen’s email forwarded to a Hotmail account will not be delivered. When a service provider blocks all mail from Queen’s, it interferes with the University’s ability to carry out its day-to-day business, as well as damaging Queen’s reputation.
It is also important to remember that NetIDs and passwords are used to access all sorts of information in addition to email. There are systems at Queen’s that use NetIDs to access data relating to grades, finances, medical information, and a wide variety of other confidential and personal information. When someone gives away their NetID and password, they are potentially making all of this information available to an unauthorized party.
ITServices is working diligently to adjust the infrastructure of the mail system to prevent as many phishing and spam attacks as possible. Every person at Queen’s can play a part in preventing these problems by doing some simple things:
If you think someone else may know your NetID password, you should change it immediately by following the instructions found on the NetID Password Change page. To learn more about protecting your NetID and password, please see the NetID Best Practices page. If you have questions or need help, contact the ITSupport Centre by calling 613.533.6666 or by filling out the online help form.