Phishing

Controlled Phishing Campaign by ISO

On 1 November 2017, the Information Security Office announced that it would "soon begin a controlled phishing assessment in an effort to continue to improve security awareness around this particular attack vector. All faculty and staff are potential recipients."

According to the announcement, "you may receive fake phishing emails designed to look like ones that bad guys are sending. However, instead of harming you, these emails will provide the ISO with data and teach you how to identify these scams and protect yourself. The ISO will send at least three rounds of emails

Read more about Controlled Phishing Campaign by ISO

Beware Hurricane Harvey Scams

Our thoughts are with the many Texans enduring or recovering from floods and wind damage along the coast, around Houston, and in South and Central Texas. Many of us have family and friends in the affected areas.  It's natural to want to help, but please remember to be careful about requests for help via email or social media.

Scammers are already using Hurricane Harvey to trick people into clicking on links on Facebook, Twitter, and in phishing emails trying to redirect the money into their own pockets that we would give to help the flood victims. 

Read more about Beware Hurricane Harvey Scams

Wanna Cry? Active Ransomware Outbreak (Updated)

According to reports, there is an ongoing, fast and widespread ransomware attack against Microsoft Windows machines, with reports of as many as 200,000 infections in as many as 150 countries (according to Europol on Sunday, 14 May 2017). The software can run in as many as 27 different languages, matching the operating system language settings.

This malware is variously known as WannaCry, WCry, Wanna Decryptor, or Wanna Derypt0r and was discovered the morning of May 12th, 2017.  It works by encrypting your data and requesting a ransom

Read more about Wanna Cry? Active Ransomware Outbreak (Updated)

Wanna Cry? Active Ransomware Outbreak

According to numerous reports, there is an ongoing, fast and widespread ransomware attack against Microsoft Windows machines, with reports of tens of thousands of infections in as many as 74 countries. The software can run in as many as 27 different languages, matching the operating system language settings.

The malware is variously known as WannaCry, WCry, or Wanna Decryptor, or Wanna Derypt0r and was discovered the morning of May 12, 2017.  It works by encrypting your data and requesting a ransom of .1781 bitcoins, the equivalent of roughly $300.

Initial reports indicate

Read more about Wanna Cry? Active Ransomware Outbreak

New Phishing Defenses

Dateline Thursday, February 16, 2017:

On behalf of the ITS-Systems e-mail team I would like to share an update on their effort to move the campus e-mail defenses to the Cisco hosted platform so that we can properly leverage some much needed features.

ITS-Systems is in the process of adjusting some e-mail filtering workflow to better automate detection and notification.  This change will give the ITS-Systems e-mail team a chance to perform final testing of the new Cisco hosted platform and will help the university get there faster — forecast in the next

Read more about New Phishing Defenses

Defending Against Identity Theft as Tax Season Approaches

by the Information Security Office of The University of Texas at Austin

ATTN: Faculty & Staff

As tax season approaches, the Information Security Office would like to remind you that targeted phishing attacks are already starting to hit the campus.
Please be very vigilant when reviewing e-mails and clicking on URLs.  
Attackers prey on unsuspecting individuals and are counting on carelessness.

Read more about Defending Against Identity Theft as Tax Season Approaches

Phishing -- Conclusion

Last week we published part three of this four-part article on phishing by looking at phishing by social media. This week we conclude our article by looking at what to do if you get scammed.

4) What to do if you get scammed. If after all of this you still get hooked by a scammer employing a phishing tactic, there are several things you can do in order to minimize the damage that the scammer can do. Nevertheless, remember to be quick because the longer you wait, the more likely it is that the scammer will have enough time to do substantial damage to your assets. When it comes to

Read more about Phishing -- Conclusion

Phishing -- Social Media

Last week we published part two of this four-part article by looking at phishing by phone calls. This week we look at phishing by social media.

3) Social media. Of the three types of phishing discussed here, phishing in social media is by far the most dangerous because unlike emails and phone calls, the interactivity between people on social media lead many people to let their guard down. There is a false sense of intimacy and trust. After all, on platforms such as Facebook, you are only friends with your friends and you only like pages you trust. But don't forget: in order to find

Read more about Phishing -- Social Media

Phishing -- Phone Calls

Last week we started this four-part article on phishing by looking at phishing by email. This week we look at phishing by phone calls.

2) Phone calls. Phone calls can be a bit tricky; but overall, there are just a couple of things you need to look out for to avoiding getting hooked by a scammer on the phone. First, in general, you should only answer phone numbers you recognize and trust. However, if for some reason you do decide to answer an unknown number, keep your guard up and listen carefully to what the person on the other side of the line is saying. Typically, if it is a scam

Read more about Phishing -- Phone Calls

Phishing

Phishing, as defined by Merriam-Webster, is a scam by which a user is duped into revealing personal or confidential information which the scammer can use illicitly. Phishing can happen anytime and on any media including but not limited to email, phone calls, and social media. The articles over the next four weeks detail what to look out for when using your favorite devices; and if you have been a victim of a scam, what to do to stop the attack.

1) Email. No matter who you are, you will undoubtedly receive plenty of spam mail; and generally, it is easy to recognize spam

Read more about Phishing