CourseFeed phishes for information
CourseFeed is a security breach
- posted: 06 Nov. 2007
- scrollcampus@byui.edu
Almost 16,000 people are on the BYU-Idaho Facebook network, and every student at BYU-I has an I-Learn account. A new Facebook application is trying to combine the two with potentially dangerous consequences.
CourseFeed is the new Facebook application that combines Facebook and Blackboard, which is part of I-Learn, that was developed in September. Facebook users may recognize it from the notifications that they have been getting throughout the semester that their courses have been added to CourseFeed. However, CourseFeed is actually a phishing device that is stealing information from users.
When students sign onto their Facebook account and add the CourseFeed application, they accept the terms and allow the application to use their information and school e-mail to connect with I-Learn and load their courses. By doing this, CourseFeed has access to the student’s NetID and password and is able to give it to a third party. This allows CourseFeed to use the information to get important things like classmate and teacher e-mail addresses to ask them to sign up as well. This is called “phishing” and is potentially dangerous, according to a mass e-mail from Gaylen Jensen, Information Security Officer at BYU-I.
Phishing is a type of security breach that steals information from users in order get personal information. This allows a third party to have access to personal information and makes it possible for them to tamper with anything accessible on the user’s account. In the case of byui.edu accounts, this includes financial information, as well as class rosters and teacher information.
Jensen also counseled students to not give their NetID and password to anyone. It is not safe to give out personal information on the Internet, especially school information. Also, do not sign up for CourseFeed. 
