Students across campus have received messages and emails prompting them to disclose confidential login information.

Some students responded.

Haleigh Wetzel, a student majoring in mass communications, received the email yesterday while at work. Seeing the subject line regarding her account’s deactivation sent her into a panic.

“I don’t want my account to be terminated. I clicked the link and put in my information,” Wetzel said. “It seemed legitimate. It really did.”

After submitting her name and phone number, Wetzel called her aunt to ask her opinion on the message’s validity.

“I texted my aunt a screenshot to ask if it seemed legit, and she said no. She told me to email IT immediately,” Wetzel said.

IT gave Wetzel the appropriate directions to protect and resecure her account.

Chris Usey, chief campus IT security administrator, said that the department is using every available avenue to alert the community regarding the threat.

“We have taken all possible measures to limit its spread, but since it propagates through SMS text messages, our ability to block and mitigate it is limited,” Usey said. “Which prompted us to use our emergency system to notify everyone as soon as possible.”

Usey said in the most recent phishing incident, students received texts claiming their accounts were suspended. In turn, the sender asked them to provide a multi-factor authentication code or accept a prompt in their authenticator app to secure their account. 

He said this attempt was designed to trick students into sharing sensitive information. Usey also said Fletcher School of Law and Diplomacy, and possibly other universities, are experiencing similar phishing attacks.

“Please understand and help us relay that Nicholls will never contact users first via text to request their password, 2-Factor Google or MyNicholls (Microsoft) code, or to accept authentication prompts through their authenticator app,” Usey said. 

“While we do use SMS for some communications, we will never ask for sensitive information via text.”