“This is a $700 a week paid position,” or “reply to this email to college President Nicole Hurd,” are phrases that Lafayette College students may recognize from their email inboxes. Such emails are typically — and luckily — flagged as scams.
Phishing scams are a common occurrence on many higher-education campuses, though at Lafayette, students say they are not concerned.
A study from Science Direct found that students on college campuses are frequent and common targets of cyberattacks. Another article from Inside Higher Ed claimed that phishing scams are on the rise due to innovative hacking techniques, artificial intelligence and systems that work on the two-factor authentication system that hope to safeguard students, such as the ones on College Hill.
Dean of Students Walter Snipes wrote in a Jan. 22 email to students that “there are increasing incidents where scammers will impersonate people, groups, or organizations you know to deceive you.”
“Please be vigilant regarding emails or texts you receive requesting you to give information or money,” he wrote.
Only a handful of phishing email scams were reported to Public Safety last year, including one where a student “lost some money in the incident,” according to Public Safety Director Jeff Troxell.
“It is very challenging,” Troxell said of investigating phishing emails. “We also provide instruction and resources for the individual who may or may not have been scammed.”
Zepu Chen — the current information security analyst for the college’s information technology department and a cybersecurity professor — identified several reasons college students are susceptible to phishing, including frequent use of emails and online services, financial vulnerability and a lack of cybersecurity awareness.
“Unfortunately, many students do fall for these scams, leading to compromised accounts, stolen identities, or financial fraud,” Chen wrote in an email.
Chen wrote that students should protect themselves by verifying the email sender, hovering over links before clicking and watching for grammar mistakes.
Phishers often employ information easily accessible online, like professors’ emails, and utilize these tools to target students in fraudulent emails, according to Troxell.
Lafayette College requires first-year students to complete cyberattack training modules before orientation. On the college’s website, a page from the IT division defines terms like wire fraud, spear phishing and ransomware. The page recommends that students reach out to the division’s help desk if wary of a phishing scam.
Amy Fabara ‘27 said she received a phishing email last year, a scam email posing as a job offer.
“It was like a personal assistant and you get 400 dollars,” Fabara said. “I’m from Virginia, so that amount of money is kind of normal, but not here for sure.”
As Fabara examined the email further, she said she noticed several “red flags,” such as all the email recipients having last names beginning with “F,” no avenue for sending a resume or other information and a note that the job would immediately send her checks to cash in.
Fabara, who said she works multiple on-campus jobs, said she knew that any college position would require the completion of paperwork, and she noted that the email “didn’t ask for any of that.”
Several students said they are not worried about such phishing scams.
“I think I would know they were phishing emails,” said Alexa D’Agosta ‘28, who said she has never received a phishing scam to her college email.
