There have not been any new e-mail "phishing" scams sent to AU e-mail addresses since the Office of Information Technology reported on March 20, according to Eric Weakland, director of network security.
The "phisher," who claimed to be an AU webmaster, requested students to send personal information to a Yahoo e-mail address, The Eagle previously reported.
Soon after, OIT sent an e-mail to the AU community to warn them about the scam.
OIT has identified the source of the attacks but is unable to share that information.
"Much like a police investigation of criminals, information security professionals have strict sharing guidelines with regard to active attacks," Weakland said in an e-mail.
OIT has not found any students or community members who responded to the e-mail with their credentials, Weakland said in an e-mail.
Melissa Becher, an AU reference librarian and reference team leader, said she is glad OIT warned the community about the scam.
"I've gotten other messages like this that were phishing scams, and while I didn't fall for them, a couple of them did make me nervous," she said. "I felt reassured that [OIT] had sent an e-mail alerting the community to the scam."
Weakland said in an e-mail that warnings about similar attacks at other schools allowed OIT to respond quickly to the attacks a few weeks ago.
Phishing scammers harvest account credentials to either send more spam or perpetrate identity theft, he said. Phishers use information to steal money and identities, send viruses to users' friends and send out spam e-mails, according to Weakland.
Julie O'Dell, a senior in the Kogod School of Business, said she didn't get an e-mail from the scammers posing as AU webmasters but received similar e-mails in the past.
"There was one time I got one of those through someone from eBay," she said. "I usually just kind of ignore them and never give my information out. I know Georgetown [University] had a bigger issue, but I don't think AU ever had a problem except for that one time."
Georgetown's information technology office did not return calls for comment as of press time.
Students should be on the lookout for suspicious e-mails and should never send things like user identification and passwords via e-mail, Weakland said.
"Everyone should consider e-mail 'insecure communication,'" he said in an e-mail. "Think of it like a postcard that you drop in a mailbox. Anyone can read it ( since it isn't sealed in an envelope), and there is no way to really tell if the return address is genuine."
Emily Tompkins, a sophomore in the School of International Service, said she thought the scam was stupid.
"If they wanted to prove a point, that's a dumb way to go about it," she said.
