Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 04/29/2026

Posted on Apr 29, 2026Share on

Circle with a padlock inside and the words "Cyber Security all around the lock

Good afternoon, everyone!

Today is a rather lengthy newsletter, but I need to let you let you know about a current threat, and I need to ask for your help with Outlook that is not the current supported version. I also want to let you know about an upcoming change for logging into many UT applications. I also want to remind you about maintaining device and data security while traveling, both in the US and internationally.

Current Threats

  • Invoices and Receipts (phishing)
    • There have been many reports of phishing emails the past week regarding invoices and payment receipts.
    • The sender is supposedly Geek Squad but there are multiple addresses involved and they are all using @hotmail com.
    • The subject varies, but most of them have had varying unknown persons’ first, middle, and last names.
    • These emails include either a fake invoice or receipt for a subscription for Geek Squad’s services.
    • While there is a Geek Squad logo included in all the emails, some of them are in no way similar to Geek Squad’s official logo.
    • I have looked at the phone numbers given in the emails and none of them are the same, nor are they correct.
    • The scammer(s) are hoping you will call the number without checking it, then will ask you for your personal information, including your credit card number, for verification.
    • If you receive one of these phishing emails, please report it using the red Report button found at the upper left corner of the Outlook ribbon.
    • If you do not have this button, please refer to Reporting Phishing Attempts & Junk Email.
    • You can also refer to This Week’s Cybersecurity News, 04/15/2026 for more information on why reporting is so important.

Important Information

  • Outlook Help Needed
    • My last newsletter, This Week’s Cybersecurity News, 04/15/2026, covered some important information in the Ask Your CISO section regarding the reporting of phishing emails.
    • I got a lot of emails from users who said they still do not have the red Report button.
    • It is very important that you have the UT-supported versions of Microsoft 365 Office or that you are using the online version.
    • The red Report button can be found on the upper left corner of the Outlook ribbon, whether you are in the fully opened email window or you have merely clicked on the email from the main window.
    • If you do not see this, please check for the version of Outlook you are using by clicking on File (top left), then Office Account (bottom left), then you should see “Microsoft 365 Apps for enterprise” on the right side. (Mine shows Version 2603, which is Microsoft’s way of saying it is Microsoft 365 Apps, Office from year 2026.)
    • If you do not see this, then look for “About Outlook” on the right side and see what the version is and email that to me.
    • When I receive your email, I will create a trouble ticket for the appropriate IT person to help you with the update.
    • However, if you are with CVM, I will let CVM Computer Support know that you need help since they have their own ticketing system.
    • Once you have Microsoft 365 Apps, then Microsoft 365 and Office will automatically download and install patches and new versions.
    • It is very important that we always have the most up to date versions of any app, but Outlook is especially important because it will help with reporting of phishing emails which will also aid in the accuracy of our new phishing detection tool.
  • New Sign-In Experience
    • UTK’s Office of Innovative Technologies (OIT) will be updating how you sign in to many of UT’s applications that use UT’s Central Authentication Service (CAS) or Single Sign-On (SSO).
    • These applications include:
      • Adobe Creative Cloud
      • Canvas
      • DASH
      • LinkedIn Learning
      • MyUTK
      • Qualtrics
      • RingCentral
      • Software Distribution Site
      • VolCard
      • VolLink
      • VPN
      • Zoom
    • Currently you are using your NetID, but beginning May 27, 2026, you will use your UPN (user principal name), which is typically NetID@utk.edu for UTK/UTIA/IPS faculty and staff or NetID@vols.utk.edu for UTK students.
    • There may be times when “@utk.edu” will not be correct for some people who may have started at another campus so OIT created a way to Look up your UPN online if you are unsure.
    • You will continue to use your NetID password.
    • In addition to the login name change, the sign-in page is being updated, too.
    • For more details, please visit New Sign-In Experience Coming May 27.
    • Important Travel Reminders
      • This is the time of year for many faculty, staff, and students to travel so I need to remind you about some very important things to protect your devices, your data, and yourself.
      • When traveling in the US make sure you:
        • Do not share travel information via social media until you have returned.
        • Make sure each and every device you take with you has a strong and unique password.
        • Enable additional security features such as Touch ID, Face ID, multifactor authentication, screen timeouts, etc.
        • Update all apps and the OS on any device before you go.
        • Turn on the ‘track device’ option in your mobile device settings so that you can remotely wipe the device ASAP if it is lost or stolen.
        • Backup important data.
        • Use UT’s Ivanti VPN when connecting to anything work-related (this is required!) but also use it for any personal online activity.
        • Do not use public WiFi networks (e.g., the ones in your hotel, restaurants, coffee shops, airports, etc.) because they are not secure and your data can easily be stolen.
        • Do not use public computers for any reason due to them being unpatched, unmonitored, may have a keylogger or other malware, etc.
        • Do not forget to manually terminate any and all WiFi connections when you are finished with your online activities.
        • Do not leave your devices unattended at any time or in any location.
        • Do not put in your checked luggage.
      • When traveling internationally make sure you:
        • Do NOT, under any circumstances, take any UTIA-owned device(s).
        • If you need to do some sort of work on a laptop while you are gone, you can get a loaner laptop by calling UTK’s OIT HelpDesk at (865) 974-9900.
        • Do not copy Institute data to the loaner laptop but instead save any data on an encrypted USB flash drive that you keep in your possession at all times (make sure the country you are visiting allows the use of encryption!).
        • Do not take personally-owned mobile devices if at all possible, instead using a burner phone for protection.
        • Check the US Department of State site for county-specific regulations and risks to make sure you prepare yourself for following the laws where you are traveling, which is particularly important for certain countries.
          • Choose the country you are visiting by choosing from the dropdown list under “Learn about your destination”.
          • While you should read anything available for that country, keeping in mind that each country on the list may look different in layout and information.
          • Note that not all countries allow VPN usage and there are dire penalties, including arrest, if caught using.
          • If you cannot use a VPN in the country you are visiting, it is best to not use any kind of device while there as everything you are doing online is being tracked.
          • Since global issues can change in the blink of an eye, please make sure you check the site often.
        • When in doubt, please leave all devices at home to keep anything from happening to you and your data.
        • Do not share travel information via social media until you have returned.
        • Do not share ANY information with people in another country if you do not know them well.
        • As paranoid as this may sound, you will likely be monitored from the time you get off the plane until after you leave certain countries.
        • Make sure each and every device you take with you has a strong and unique password.
        • Enable additional security features such as Touch ID, Face ID, multifactor authentication, screen timeouts, etc.
        • Update all apps and the OS on any device before you go.
        • Turn on the ‘track device’ option in your mobile device settings so that you can remotely wipe the device ASAP if it is lost or stolen.
        • Do not use public computers for any reason due to them being unpatched, unmonitored, may have a keylogger or other malware, etc.
        • Do not forget to manually terminate any and all WiFi connections when you are finished with your online activities.
        • Do not leave your devices unattended at any time or in any location.
        • Do not put in your checked luggage.
        • Please follow the instructions by UTK’s OIT for returning the loaner laptop.

    I am so thankful for you being so aware and cautious. I am here for you 24×7 if you ever have any questions or concerns that need to be addressed right away.

    Sandy

    Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!

    Sandy Lindsey
    Chief Information Security Officer
    Information Technology Services
    The University of Tennessee
    Institute of Agriculture

     

     

    G061​ McCord Hall
    2640 Morgan Circle Drive
    Knoxville, Tennessee, 37996
    Phone: (865) 974-7292; (865) 806-5224
    sandy@tennessee.edu