Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 06/27/2024

Posted on Jun 27, 2024Share on

has only the words cyber security

Good morning.

Today I want to tell you about a current threat using the premise of student loan forgiveness. I also want to remind you about the new changes to Duo, why you need to shut down or restart your computers regularly, and why it is so important to report email scams.

Current Threats

  • Student Loans (phishing email)
    • The sender may vary, but one known sender is Burnice Reinger <burnice66reingerpfj[@]hotmail.com>.
    • The subject is the name of the recipient.
    • The email content tells you that your student loan has been marked as “possibly eligible for forgiveness under the new 2024 guidelines.”
    • The email gives you a case number, along with a phone number to call to determine your eligibility.
    • Please do not respond to the email because there will most definitely be a follow up asking you for more of your personal information, as this is a scam.
    • The most disturbing thing in the email content is it will show your home address!
    • The sender has used numerous ways to get your name and address, such as social media or one of the many online address searches.
    • Please note that the footer states the sender is with Advertising Services, a marketing firm, and we know that marketing firms have nothing to do with student loan payments or forgiveness.
    • Finally, the footer tells you how to remove yourself from their mailing list, but please do NOT click or enter the address for unsubscribing, as this is part of the scam (you surely did not ask to be on their mailing list to begin with).
    • If you have received an email like this, please report it using Reporting Phishing Attempts & Other Email Scams.
    • Please remind your students with whom you have contact that this kind of email is a scam!

Important Information

  • Duo Changes
    • As you know, we have been using Duo two-factor authentication since late 2018/early 2019.
    • You have gotten used to seeing the same prompt since then, but this week it has changed.
    • The new prompt still has the UT logo but otherwise looks completely different.
    • To see the new prompt and learn more about the change, please visit Duo Changes for Summer 2024.
    • And please remember that with multi-factor authentication you must always read the notification and make sure you have requested it.
      • There have been recent instances where users have not requested a Duo Push but approved the Push notification on their smartphones.
      • When a request that you did not initiate is approved, there is a hacker on the other end waiting to take the opportunity to get into your account and make changes to your NetID password, direct deposit information, etc.
  • Restart Your Computers!
    • I know that many of us do not shut down our computers every single day.
    • There may be processes running at the end of the day and won’t be finished before you leave.
    • If you need to leave your computer running, I understand, but PLEASE lock it before you leave your desk.
    • It is very important to either shut down or restart your computer at least a couple of times a week.
    • The biggest reason this is so important is to make sure your OS, app, and browser updates and patches are being applied properly.
    • In addition, with the new UT security initiatives, a restart is necessary to ensure that these things are getting installed correctly.
    • So please remember to turn off your computer when you leave or restart when you come in on a regular basis.

  • Reporting Phishing Scams
    • We all get emails that are hard to determine whether they are legitimate or not.
    • I am always here to help you decide and you can rest assured that if I am not sure about an email’s legitimacy, I will do everything I can to find out for you.
    • But once it has been determined that an email is a scam, it is very important to report it the right way.
    • When you report the scam to OIT Abuse, please follow these instructions: Reporting Phishing Attempts and Other Email Scams.
    • Sending the Internet header is very useful in determining where the email originated, maybe not the actual street address, but knowing the server’s origin and how many servers the email passed through is very significant information for the email administrators.
    • When you report the email, it lets the OIT HelpDesk know there is scam, and they can pass that information along to others who can help prevent something bigger from happening.
    • And when enough people report the same email, it helps the email administrators take quick action by stopping the email from going to other email inboxes.
    • In addition, the email administrators can actually pull the email that has already been sent to other inboxes, even if the email has already been read.
    • That has happened a few times just as I was about to respond to someone asking about the validity of an email.
    • And copying me when reporting something to OIT Abuse, helps me know when I need to get something out to everyone alerting them to a threat.

I thank everyone for everything you do each day to protect the Institute and its data. I am so proud of how everyone is so mindful about IT security. And please remember you can contact me at any time if you have any questions or concerns. I am here to help you!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu