Reply-all threads, spam preoccupy university staff in information technology


By PAT BOWDEN Reporter

The past two weeks have proven to be feverish for the Department of Information Technology. Staff have dealt with a mass-email thread that filled the inboxes of engineering students and are preparing for email spam season.

This spam season, which aligns with tax season, is where spammers aim to gather personal credentials to gain access to digital systems. They send out mass emails targeted at further credential harvesting.

Engineering students had busy email inboxes of their own Jan. 25 when a large group email, intended to inform students about an upcoming career fair, became a “reply all” social.

This email, and similar emails on campus, was supposed to be set up to a distributive email address that doesn’t allow a “reply all” action. However, a new staff member included every individual email of faculty and students who were to be part of the career fair, according to Vice President for Technology and Safety Michael Adelaine.

“Some deans lock [student email lists] up strong, some have them more open and that particular list has been a little more open. Since, I’ve talked to Dean [Lewis] Brown and we’ve worked on restricting it a little bit because it was an email storm there for a while,” Adelaine said.

According to Adelaine, he was contacted and requested to stop the large email thread before it got out of hand. However, Adelaine said forcing an end to this email chain would have been a violation of students’ freedom of speech. Adelaine could only step in if students were acting out of the student conduct code.

Conversely, the first person to reply to this email thread, freshman computer science major Benjamin Oppold, said it was an accident and that he was originally attempting to create a personal event in his calendar for the career fair.

“It was not intentional, I just clicked it and clicked the event and I didn’t think it would start the crazy thing that happened,” Oppold said. “I thought it would create a personal event, and it created an event for everybody.”

That night, Oppold claims to have received upwards of 1,000 decline emails for his personal event and more than 300 emails from students who continued to reply to the message.

According to sophomore electrical engineering major Mohamed Ayouh, these replies were entertaining for those in the email chain.

“It was hilarious. Everybody started commenting and like announcing fake parties on there … I personally tried to forward the email to all the students in SDSU, but it gave me a ‘failed to send email’ message because I don’t have permission to send to all SDSU students,” Ayouh said.

Some students included internet memes and their Snapchat handles in the email chain while others requested to be removed from the chain entirely.

However, there are risks to replying to a large group email chain, especially when faculty and peers are also copied in the message, Adelaine said.

“People just need to take a little extra time and be careful; make sure that you know what you’re sending because once you hit that button, it’s out there and it’s gone,” Adelaine said. “It died out, really, quite fast, and I think some students recognized that … they handle themselves very well.”

This all came to a close when the department sent out an email the next day requesting that the email chain stop.

“There was no intention in doing it, but I was pretty satisfied in the result of it. Just because I thought all the memes were funny and people were adding their Snapchats and I know some people made friends doing that,” Oppold said. “I think honestly it made more friends than it made people angry.”

However, things may not end well for those who reply to spam messages in their inbox, according to Vice President for Technology Ryan Knutson.

School officials in the department are work to educate students on identifying spam email and how to properly rid one’s inbox of it, according to Knutson.

“Most students hadn’t realized what that had done [when they replied to the spam] and are very interested in making sure they don’t do it again,” Knutson said.

Knutson recommends students not reply to any unfamiliar or unsuspecting email address requesting personal information.

“The last line of defense is the individual to say this is not legitimate,” Knutson said. “Targeted spam is getting to be a lot bigger … which means it’s harder to identify.”