Celebrated every October, National Cyber Security Awareness Month (NCSAM) was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online. This year, we are celebrating the 11th year of National Cyber Security Awareness Month.
Our Shared Responsibility
We lead Internet-connected, digital lives. From our desks and homes to on-the-go, we work, learn, and play online. Even when we are not directly connected to the Internet, our critical infrastructure—the worldwide connection of computers, data and websites supporting our everyday lives through financial transactions, transportation systems, healthcare records, emergency response systems, personal communications and more—impacts everyone.
The Internet is a shared resource and securing it is Our Shared Responsibility. See more at http://staysafeonline.org/ncsam/
Information Security Hot Topics
Phishing
What is phishing?
Phishing is an email scam that tries to trick people into thinking a legitimate organization is requesting private information. These scams ask you to either reply, or follow a link to a site that often looks identical to the service the email is mimicking. Banks, E-bay, and Paypal are traditional targets.
Spear phishing is a type of scam that targets a specific organization or a specific group of employees or employee, in an attempt to trick people into providing confidential or sensitive information. Many times, those sending out the emails have researched the targeted organization for names the organization uses, practices, and other details to make their email scam seem more authentic. Some spear phishing emails may look identical to an email you might expect to see from UT System, OTIS, or your bank. The best way to fight these scams is to be skeptical when someone is asking you for information, and to never, ever, email your password, bank account numbers, social security, or credit card numbers to anyone.
What does a phishing email look like?
Phishing emails typically have a generic greeting and warn of some sudden change in an account which requires you to verify that you still use the service. These emails either include directions to reply with private information, or they may ask you to click on a link to a Website to verify your account. Emails claiming very sudden changes (within a week) or those that use poor spelling and grammar are clear warning signs of a phishing email.
Will UT System send legitimate emails that look like phishing scams?
There will be times when legitimate messages must be sent to inform our email users of necessary changes to their accounts such as password expiration notices. However, it is very important to remember that UT System Administration will never ask for your password in an email. Additionally, official OTIS communications have a formalized style and are reproduced on the OTIS SharePoint site.
If you are ever in doubt about the legitimacy of an email, call the Help Desk at (512) 499-4357 or email the Help Desk at help@utsystem.edu
Why can't UT System stop these emails?
UT System Administration stops thousands of phishing attempts, spam emails, and virus-infected messages every day, but the methods cyber criminals use change quickly to try to stay ahead of blocking techniques. Due to the broad range of use for UT System Administration, we must also be careful not to implement a filter which may block otherwise legitimate email from our users.
How can I avoid phishing scams?
Never send passwords, bank account numbers, or other private information in an email. Avoid clicking links in emails, especially any that are from an unknown account or sender or if the emaill requests private information. Be wary of any unexpected email attachments or links, even from people you know. Never enter private or personal information into a popup window. Look for 'https://' and a lock icon in the address bar before entering any private information on a website. Install and regularly update an anti-virus program that can scan email.
What should I do if I have been scammed by phishing?
Contact the organization that was the target of the scam to change any private information such as passwords or account numbers immediately. For UT System Administration, contact the Help Desk. If you suspect a bank or credit card account may have been compromised, contact that institution to check your account immediately and request a credit report.
