Phishing email compromises more than 600 accounts, Sac State says

Malicious links sent to more than 600 accounts according to the Office of Information Resources and Technology

An+email+that+a+student+received+in+a+phishing+attempt+in+April+2018.
Back to Article
Back to Article

Phishing email compromises more than 600 accounts, Sac State says

An email that a student received in a phishing attempt in April 2018.

An email that a student received in a phishing attempt in April 2018.

Caleb Danielson - The State Hornet

An email that a student received in a phishing attempt in April 2018.

Caleb Danielson - The State Hornet

Caleb Danielson - The State Hornet

An email that a student received in a phishing attempt in April 2018.

Thomas Frey, Sports Editor

Hang on for a minute...we're trying to find some more stories you might like.


Email This Story






In an email sent to all students and faculty on Tuesday, the Office of Information Resources and Technology reported that “there were approximately 600+ compromised accounts between Friday afternoon and Monday” after a phishing email attack.

Mark Hendricks, a Sac State information security officer, said the department was informed on Friday that a phishing email attack attempted to obtain SacLink usernames and passwords. Some computers were compromised with malicious links, according to the email.

Hendricks reported in an email on Monday that about 350 accounts were compromised and that the amount had gone down substantially between Sunday and Monday. But on Tuesday, that changed and Hendricks sent out another email saying that 600+ accounts had been compromised.

“This is actually a sophisticated attack, even though the message body looks rather fake,” Hendricks said in the email.

Some links would take users to a login page, and others would take users to a page that said their computer needed to be fixed, according to Hendricks. He said that the majority of the IP addresses obtained came from the United Kingdom.

Hendricks said that a team has been working non-stop since Friday to repair damages.

Most of the accounts affected were reported as being student accounts. Hendricks recommends that students and faculty change their SacLink password if they suspect that they clicked on the email, as a precaution.

RELATED: Sac State cautions against phishing attempt

Hendricks said that students need to be alert when looking at emails.

“If you sense that something is weird, you should be very suspicious about it,” Hendricks said. “The thing to get across is that phishing is a universal problem.”

He said the school is taking precautions and is working with Microsoft on an assessment to modify the security of the email.

Hendricks added that Information Resources and Technology are sending out an anti-phishing campaign to faculty and students.

He said  the office plans to send out emails that will contain a malicious looking link, which upon clicking will take its recipient to a website about the dangers of phishing.


UPDATE (Aug. 20 at 5:51 p.m.): This story was updated with information from Mark Hendricks, a Sac State information security officer

UPDATE (Aug. 22 at 3:16 p.m.): This story was updated with information from a release sent by Hendricks Tuesday.