This Week’s Cybersecurity News, 06/23/2022

Share on


This week we are seeing similar threats that we have been seeing in recent weeks, but it never hurts to tell you more about them. While these descriptions are generalized, the emails are not always alike and can vary a bit.


Current Threats

  • Office 365 Passwords
    • Several people are reporting that they have received an email saying their Office 365 password is about to expire.
    • Office 365 is no longer called Office 365, but rather Microsoft 365.
    • Microsoft 365 uses your NetID and password for authentication, so the notification would likely specify it is your NetID password that is about to expire.
    • It claims to be an “IT Support Announcement,” but if it really was about this password, the message would have OIT, UTK, or something very recognizable. (The email never once mentions UT at all!)
    • The email looks like it comes from a vols.utk.edu account, but if it were real this would come from an official address like oit@utk.edu.
    • Please forward the email with the very important Internet headers using these instructions, then delete the email.


  • Phishing Attacks Aimed at Summer/Part-time Jobs for Staff & Students
    • The sender sometimes uses a gmail account, but sometimes it is from a spoofed @vols.utk.edu account.
    • The supposed available job positions vary, but they all tend to offer about $350-$500 a week for remote work.
    • The biggest giveaway that the message is not legitimate is that the email is full errors:
      • Spelling
      • Grammatical
      • Punctuation
      • Formatting
    • The information within the email does not match, so read it closely.
    • After doing a closer investigation of the information (I did not click!), the site tells you a lot of conflicting information and typically doesn’t even match what the email says.
    • This is definitely a phishing scam and the sender is trying to get your personal information through an “application” process.
    • Please forward the email with the very important Internet headers using these instructions, then delete the email.


  • Receipts for Orders
    • There are still a lot of emails that look like receipts for orders, but these are orders that were never really placed.
    • The emails look to be coming from Amazon, Norton, McAfee, among other well-known companies.
    • The “orders” are often for computers or annual antivirus subscriptions.
    • Sometimes the receipt is in the content of the email, but sometimes it is an attachment.
    • Do not open the attachment, as that may activate malware.
    • Do not reply and ask about the order.
    • Do not call the number the in email and ask about the order.
    • These phishing attempts are designed to make you want to speak with the sender so they can put on their best “customer service” impression and ask to verify your personal information, your department’s information, and your credit card.
    • Think about whether or not you placed an order with that company.
    • If the email does not give any information in the content, you can bet it is a scam with malware in the attachment.
    • You can check with the department’s business manager, but please don’t forward them the message.
    • You can always forward the message to me if you are unsure.
    • If you are certain it is phishing, please forward the email with the very important Internet headers using these instructions, then delete the email.


Browser Updates

  • Chrome
    • Google has released security updates to address vulnerabilities in Chrome.
    • These vulnerabilities could allow an attacker to take control of an affected system.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • If you do not close your Chrome  browser regularly, you may not have the updates.
    • In your browser, go to Settings (the three lines in the upper right-hand corner and scroll down to Help.
    • Click on Help and click on About Google Chrome.
    • A window will open to show you if your browser is up to day and what version you should have.
    • If you don’t have version 103.0.5060.53, please restart the browser to get the update.


I can’t thank you enough for all that you do to protect the Institute and its data. I am always here to help you. If I don’t get back with you quickly enough via email or if it is an emergency, please call my cell number at any time.

Thanks!

Sandy