• Stop being a LURKER - join our dealer community and get involved. Sign up and start a conversation.
Visit Generations Digital

It Only Takes 1 Phish: Wichita State University Employees Get Fooled Into Losing Their Paychecks

Diana Eidson

Smashing Bugs
Jan 16, 2019
31
10
First Name
Diana
Three employees of the university fell prey to a common scam asking for their credentials, giving cybercriminals access to change banking details.

We’ve said it time and time again: the bad guys do their homework. In the case of the attack on WSU employees, cybercriminals spoofed the university’s payroll system and sent emails to employees tricking them into providing their university ID and password. That was all the attackers needed to gain full control to the employee’s profile, personal data, and most importantly – banking information.

It wasn’t until a number of employees did not receive their paychecks that the scam was found out. At least three members of the WSU staff fell for the scam, allowing cybercriminals to alter the employee’s personal banking details which caused paycheck payments to be routed to the criminals’ bank.

The university implied that they would make the employee whole, despite not being responsible for the attack, but indicated that they would not be able to do so in the future should it happen again.

Cybercriminals are in the business of ensuring their efforts pay off. It’s the primary reason they target specific industries, businesses, and even people. The more context they can gather (e.g., the payroll system used specifically by WSU), the higher the chances of successfully fooling an employee into taking the bait.
Just a courtesy alert
 
Visit Generations Digital

Diana Eidson

Smashing Bugs
Jan 16, 2019
31
10
First Name
Diana
Learning to protect yourself online from the worlds most famous hacker, sounds pretty powerful to me!
 
Last edited:

craigh

Super Moderator
May 19, 2011
1,685
1,117
First Name
Craig
If anyone finds this kind of deception tactics fascinating I highly advise reading Ghost in the Wires. It is the story of Kevin Mitnick who did some crazy things with "social engineering" ...AKA hacking in the Hollywood sense.

Fantastic book, written in a way that is a load of fun to read.
His stories of "hacking" more often than not involve him calling a company, saying "I'm on the field having an issue, can you please active unlimited long distance calling on this phone number so I can debug".

It's shocking how easy this is to do still today. People just don't expect you to be dishonest if you can gain the smallest bit of their trust.
 

Alexander Lau

Under the Bridge
Feb 11, 2015
2,439
736
First Name
Alex
I'm still waiting for the spam to come from her. Wichita State Employees being duped helps the automotive community how? Redundant posts in same thread?

EXCELLENT book @Alex Snyder btw.
 
Last edited:
  • 1
Reactions: Diana Eidson

Alex Snyder

President Skroob
May 1, 2006
2,923
1,587
First Name
Alex
I'm still waiting for the spam to come from her. Wichita State Employees being duped helps the automotive community how? Redundant posts in same thread?
I hope you're wrong. I hear where you're coming from though. And with your point made quite clear, let's start giving her the benefit of the doubt. If I'm wrong throw the biggest "I told you so" at me.
 

SteveeAnders79

Full Sticker
Jan 9, 2019
17
6
First Name
Steven
Protection is good thing, but hackers are not staying AFK as well. The more we try to protect ourselves, the smarter hackers are. I think once they will be smart enough to do really bad things.
 
  • 1
Reactions: Diana Eidson

craigh

Super Moderator
May 19, 2011
1,685
1,117
First Name
Craig

Alexander Lau

Under the Bridge
Feb 11, 2015
2,439
736
First Name
Alex
  • 1
Reactions: Diana Eidson
Get Podium