AWC, Parker Schools Warn Staff and Students About Phishing Email Surge

Arizona Western College issued an all-college communication on March 4 warning staff and students that its Information Technology Support Services team had been overwhelmed by a surge in phishing emails, some of which appeared to originate from internal AWC accounts.

"Over the past week, our ITSS team has been working around the clock to respond to an unprecedented ... increase in phishing emails across the College, including messages that appeared to come from internal accounts," the communication read. "The incident involved a compromised account through a session-based phishing attack (not malware)."

AWC Chief Information Officer Scott Estes offered some context around the word "unprecedented," telling KAWC he was unsure he would have used that term himself. The college typically fields phishing reports at a steady, if unwelcome, pace. "If I had to guess, we receive about two or three reports a week, and as we continue to tighten security around fake emails, [we] have to be mindful that as it gets tighter, it starts to block legitimate emails — so there is a fine balance," Estes said.

Northern Arizona University–Yuma, which shares the main AWC campus in Yuma but operates separate technology systems, was not directly involved in the incident. Estes said, however, that he guarantees NAU–Yuma sees similar phishing activity given its location and user base.

The concern extended across the county line into La Paz County, where Parker Unified School District also reported a rise in phishing attempts. Most of the messages targeting Parker Unified impersonated the district's human resources department, a pattern that cybersecurity professionals recognize as a way to harvest employee login credentials under the guise of routine HR communications.

The incidents at AWC and Parker Unified reflect a broader trend documented by the Cybersecurity and Infrastructure Security Agency, which warns that schools face a wide range of cybersecurity threats, including from nation-state actors. CISA has issued active advisories covering threats attributed to the Chinese, Iranian, North Korean and Russian governments. News reports have separately noted a rise in cyber activity linked to Iran amid ongoing conflict with the United States. Cybersecurity experts add that artificial intelligence is amplifying the problem by dramatically increasing the speed and scale at which phishing campaigns can be launched.

AWC officials, along with YPD, advised the campus community and the public to exercise caution with any email containing unfamiliar links or requests for login credentials, and to avoid clicking suspicious links regardless of whether the message appears to come from a known sender.