Caption: Scams and phishing attempts are using stolen data and sophisticated methods to harm KHU students 

Photo: The Chosun Daily (chosun.com)

Voice phishing and fake e-mails targeting Kyung Hee University (KHU) students and staff have recently surged. Since March 3, the Office of Information Service and Strategy (OIS) has confirmed numerous scam attempts threatening student safety. Methods of attack have been sophisticated—phishing attempts used stolen student information and fake e-mails posing as important University officials. The OIS is cautioning students to look out for voice-phishing calls, fake mails, and other similar attacks.

Surge in Attacks Against Student Information Security

Serious threats to KHU student security have recently spiked. In February, a credential-stuffing attack aimed at the University’s Info21 system successfully broke into accounts and illegally accessed student data, likely with information acquired through previous cyberattack incidents in South Korean online shopping and telecommunications companies.

Then, in early March, phishing attacks targeting individual University members began. On March 5 and 13, fake mails impersonating important KHU officials, sent from two separate external email addresses, were reported. These urgently requested the creation of an open group chat—a method commonly used by scammers to induce anonymous financial transfers and extort personal data.

Multiple voice phishing attempts were also confirmed the same month: Scammers were deliberately targeting KHU students with full knowledge of “the student’s department, name, date of birth, home address, and contact details for parents,” according to an OIS warning issued to students at the College of International Studies in March 11.

Response of the OIS, and What Students Need to Do

The OIS has taken measures to prevent similar incidents from harming KHU community members. After February’s attack, the OIS is strengthening security activities for information systems—implementing a personal-information access log, extending two-factor authentication requirements, and conducting inspections on likely data leakage routes. They are also coordinating with the General Student Association and other student bodies to compile information on students affected by the recent voice-phishing attempts, while disclosing the scammers’ phone numbers and email addresses.

However, these measures do not guarantee security: Prevention of serious harm requires students to take the current issues seriously, take the necessary steps to secure their own data, and remain vigilant against possible scamming and phishing methods. As such, the OIS is strongly cautioning KHU community members to stay vigilant and “make it a habit to always check” the authenticity of suspicious requests to prevent their personal information being stolen. The OIS further advises students to adhere to the following safety guidelines listed below.

To maintain online security for University student information, the OIS advises students to double-check their safety-related activities. Small steps, such as periodically changing Info21 and school email passwords; refraining from widely sharing email addresses; applying two-step authentication to personal accounts wherever possible; making sure to log out after using school systems on external computers; and not lending student IDs to outsiders during festival periods, can reduce the risk of leakage significantly. These measures are important, as stolen personal information can be misused for further crimes, such as financial fraud and stalking, and other intrusions into private life.

Against phishing attempts, the office advises students to suspect calls and messages that emphasize urgency and pressure the recipient to act quickly. Then, they should confirm whether they are genuine through official channels. According to the OIS: “If the caller is impersonating police, one should verify authenticity by dialing 1394 to check whether the relevant prosecutor, investigator, or case number exists. Likewise, if the caller is impersonating a financial institution, contact that bank’s official customer service center. In particular, one must call the number that one searched for and confirmed directly, not the number provided by the caller.”

Likewise, for fake emails impersonating a KHU office, department, or individual, the OIS advises students to check their authenticity. “If the sender’s address is not the KHU official domain (@khu.ac.kr), it is necessary to check whether it is genuine. Suspicious emails, links, or attached files should not be opened and should be deleted immediately. If one receives a phishing email, do not reply and instead ignore the requested actions. Students should also not click links in emails whose source is unclear or whose sender cannot be identified,” the OIS cautions.

Future Attacks Highly Probable, with Evolving Methods

February and March’s attacks demonstrate how scams against KHU have grown more targeted and frequent. Due to large-scale personal-information leaks occurring externally, similar incidents are highly likely to continue in the future.

The OIS further warns that future attempts may be more sophisticated. Deepfake and deepvoice scams may use AI to manipulate the voice and face of a professor or a key University official, then request urgent monetary or information transfers through a video conference or voice call. Qshing attacks, by attaching fake QR codes to campus bulletin boards or cafeteria menus, may direct the user to a fake login page or malicious link. Criminals may also forge fake academic events and paper submissions to target researchers and graduate students, using lures like “submission to a prestigious overseas academic journal” or a “conference invitation.”

For this reason, the current wave of attacks should be treated as part of an evolving security challenge. As scams targeting KHU become more sophisticated, and external large-scale personal data leaks continue, similar attacks are likely to persist. Students should remain cautious, verify suspicious requests, and take protective steps to remain safe.

Message from the OIS