October is National Cyber Security Awareness Month (NSCAM). This year we have a new security awareness training platform. Look for an email from KnowBe4 with a link to your personal training. The Social Engineering Red Flags assignment should take less than 10 minutes to complete. After NSCAM we can test our security skills with simulated… Continue Reading
News
Equifax Data Breach
On September 7, 2017 Equifax announced that they had a cybersecurity incident that potentially exposed personally identifiable information(PII) for 143 million people. The data contained name, SSN, date of birth, address, and for some, driver’s license number. Credit card numbers for 209,000 people were also exposed. Equifax will be mailing out notifications for those impacted… Continue Reading
Phish – Subject: MAINTENANCE
This is not a legitimate TCNJ email. It is a phishing message. From: IT Helpdesk <mpuia@muskingum.edu> Subject: MAINTENANCE Date: August 29, 2017 at 10:38:35 AM EDT To: IT Helpdesk <mpuia@muskingum.edu> We are eliminating all unused email to create more space and increase your web mail SPEED. Unused email will be disabled during this maintenance.Your account must be verified… Continue Reading
US-CERT Warns of Potential Hurricane Harvey Phishing Scams
Exercise caution with any emails related to Hurricane Harvey. Often scammers use natural disasters to request donations to fraudulent charities. US-CERT Warning – Potential Hurricane Harvey Phishing Scams Continue Reading
Google Drive message phish
Huge rash of phishing emails that look like Google Drive requests. Do not click the link. Report the message to abuse@tcnj.edu and delete the message Continue Reading
Important message Phish
Another phishing message reported. From: The College of New Jersey <noreply@tcnj.edu> Date: Tue, Apr 18, 2017 at 2:40 PM Subject: Important message from TCNJ Faculty/Staff To: Recipients <noreply@tcnj.edu> Dear Employee: You have new important message from Faculty/Staff. Click here to read Thank You Information Technology Services The College of New Jersey The message linked to… Continue Reading
WIRE TRANSFER Phish
New phishing message From: XXXX Subject: RE: WIRE TRANSFER NOTIFICATION Date: April 4, 2017 at 2:17:16 PM EDT To: XXXX Hello, Can you please confirm funds made to your account mistakenly by bursary Dept. Followed by an image that links to site that copied our login screen Continue Reading
W-2 Scam Notice
It’s that time of the year again. With tax season upon us, attackers are stepping up their efforts to steal your data. The IRS is reporting an increase in scam emails regarding W-2 information. IRS Scam Notice Let’s take some time to review safe email practices. Always be skeptical – an email “From” address can… Continue Reading
WebEx Extension RCE
A vulnerability has been made public that could allow an an attacker to remotely execute code on a victim’s computer using the WebEx browser plugin. The vulnerability can be exploited by visiting a specially crafted website. WebEx has released an update to address this vulnerability. Make sure all web browsers are plugins are up to date… Continue Reading
New Type of Phishing Attack
It’s 2017 and email phishing is not new, however, there is a new technique attackers are using specifically against Gmail accounts. Malicious email messages appear to contain an attachment, but clicking the attachment will open a new browser tab that appears to be a login screen. This form will capture account credentials and send them to the attacker. To… Continue Reading