Security Threat Awareness
ITS strives to provide the UIS campus community with the most up to date information about current security threats and good practices on what you may need to do to reduce your risk of a security incident.
Recent Phishing Attempts:
2018/03/12 – “Payroll Schedule.”
2017/08/23 – “Payment has been made”
2017/06/26 – “RE: Helpdesk”
2017/04/09 – “Your Identity”
2017/03/25 – “New Important Mail”
2016/11/09 – “Important Transfer.”
2016/08/06 – “Important message from Faculty/Staff”
2016/05/20 – “SV: ITS SERVICE NOTIFICATION”
2016/05/09 – “Important Notice!!!…”
2016/04/30 – “you”
2016/04/20 – “SV: Email update.”
2016/03/23 – “CHECK”
Report Phishing Attempts:
Information Technology Services utilizes the same process for reporting phishing attempts as is does to report SPAM as these are both variants of email abuse. Please use the instructions found on the ITS Email Abuse page to report phishing events.
Spot Phishing Attempts:
Verify the email address – Some attackers will mask the sender’s address either with a user known within the organization (think presidents, deans, C-level executives) or create an account similar to these individuals to improve their chances of convincing users that the email is legitimate.
Be wary of generic salutations – Receiving messages addressed to “Greetings Customer” or “Dear Valued Member” might be an indicator of a non-direct message and should be verified before clicking on any links or opening attachments.
Watch for grammar and misspellings – Sure, we all make mistakes or forget to proofread our messaged before sending messages, but be skeptical of blatant misuses of grammar, spelling, or formatting especially near money and time increments.
Be suspicious of messages with a sense of urgency – Requests for users to act immediately or lose access to whichever system is synonymous to the “For a limited time offer”. Conversely, attackers could attempt to promote a service to elicit a response (i.e. Click here to increase the size of you mailbox). In either case, ITS will promote such activities by sending several notifications at varying increments to allow users time to respond or ask further questions.
Be careful of links within messages – The easiest method to verify a link’s address is to “hover” the mouse over the link. By doing so, the link’s Uniform Resource Locator (URL) is displayed in a somewhat mini popup window allowing you to view the actual address that a user will be directed to when clicked. Additionally, if the link is a shortened URL (i.e. http://bit.ly.com/, http://goo.gl.com/, etc.) many of these providers will also expand these shortened links to help identify the actual location..
Be suspicious of attachments – Opening attachments laced with malware is the easiest way for an attacker to gain access to your machine and the data on it. Lately, this has been the delivery method of ransomeware.
Be wary of messages that sound too good to be true – notifications of winning the lottery, a rich uncle whom you’ve never met, or a prince in Nigeria are all example of attackers tricking users into providing additional information or sending a sum of money as a holding of larger winnings. Each of these should be deleted!
Verify unexpected messages that were sent by friends – A tactic commonly used by attackers once they’ve gained access to an account is to spread their malware to everyone in that user’s address book. This common technique is highly effective since since the recipient “trusts” the sender. Unfortunately, this is what the attacker is anticipating. By verifying that the message has been sent by the account’s owner (possibly with a text or phone call), the attacker won’t be able to gain access to your account.