Good afternoon, everyone!

Today I want to let you let you know about a current scam, share some important tips about cautious clicking, and provide you with some important information about servers and vulnerability management. I also want to remind you again of the upcoming change to the sign-in experience that is scheduled for 05/27/2026, which is one week from today, and updating Outlook.

Current Threat

• Bank Scams (texts, calls)
• There have been recent reports regarding text messages and calls that appear to be coming from your financial institution.
• Scammers are trying to trick customers into providing their debit or credit card number, PIN, password, and/or secure codes.
• If you receive a text message that appears to be from your financial institution, do not respond.
• If you receive a phone call from someone asking for sensitive information hang up right away.
• Immediately contact your financial institution using their known phone number to report these texts or calls.

Security Tips

• Use Caution When Clicking Links
  • There are times when you start to click a link in an email or an online search result but please take caution before you click anything!
  • Just because a link appears to be something you should trust, there may be an intentional redirect that you won’t notice if you don’t pay close attention.
  •  Always hover over the link before clicking, even if the link appears to be legit.
  • You may see that google.com, for example, has a completely different destination when you hover.
  • When in doubt, manually type in the address remembering that redirected links can take you to fraudulent sites or may install malware just by clicking.
  • You can also hover over a link, right-click the link address, choose Copy, then right-click in your browser’s address bar to Paste the link.
  • Finally, when you do a search in your browser, steer clear of clicking on any link listed as Sponsored in the search returns, as scammers will buy search ads to place malicious “lookalike” links.

Important Information

• Servers & Vulnerability Management
  • Yesterday an email went out to the LANMAN listserv stating that anyone who is running their own server(s) will have until December 18, 2026, to patch their systems and maintain their servers in a manner that is expected.
  • Any server not properly managed will be removed from the network.
  • UTIA has had Vulnerability Management Procedures in place for several years stating that any server on our network must be scanned regularly and patches must be completed by the following timeframe:
    • Critical Severity – Must Remediate Within 7 days
    • High Severity – Must Remediate Within 14 days
    • Medium Severity – Must Remediate Within 60 days
    • Low Severity – Must Remediate Within 90 days
  • The UTIA CISO must be notified of any server on our network and the UTIA Networking Server Manager will help the server administrator install the appropriate software in order for the server to be properly scanned.
  • The UTIA Networking Server Manager will review the scans and let the server admins know when vulnerabilities have been detected.
  • All servers used at the College of Veterinary Medicine are managed by CVM Computer Support.
  • If you are managing a server that I am unaware of, please let me know as soon as possible so we can get the proper scanning tools in place.

• New Sign-In Experience (Reminder)
  • UTK’s Office of Innovative Technologies (OIT) will be updating how you sign into many of UT’s applications that use UT’s Central Authentication Service (CAS) or Single Sign-On (SSO).
  • These applications include:
    • Adobe Creative Cloud
    • Canvas
    • DASH
    • LinkedIn Learning
    • MyUTK
    • Qualtrics
    • RingCentral
    • Software Distribution Site
    • VolCard
    • VolLink
    • VPN
    • Zoom
  • Currently you are using your NetID, but beginning May 27, 2026, you will use your UPN (user principal name), which is typically NetID@utk.edu for UTK/UTIA/IPS faculty and staff or NetID@vols.utk.edu for UTK students.
  • There may be times when “@utk.edu” will not be correct for some people who may have started at another campus so OIT created a way to Look up your UPN online if you are unsure.
  • You will continue to use your NetID password.
  • In addition to the login name change, the sign-in page is being updated, too.
  • This is a fairly easy change; it will just take a little time to get used to it since we have used only the NetID as the username for so long.
  • For more details, please visit New Sign-In Experience Coming May 27.

• Outlook Help Needed (Reminder)
  • In the last few newsletters, I asked for help finding the users who have older versions of Outlook.
  • I have heard from several users who said they still do not have the red Report button.
  • While the Report button is an important part of this process, it is not the only part.
  • The ability to properly report does help the new phishing detection system get updated so that it will hopefully stop erroneously saying that actual phishing emails are clean.
  • This button also helps with the phishing simulation exercises that are sent to users by UTK’s OIT by letting them know users are aware of what to do if they receive phishing emails.
  • While the Report button is an important part of this process, it is not the only part.
  • Another important factor to having the right version of Outlook is having one that is supported, patched, updated, etc.
  • Office 2016 and Office 2019 reached end of support on 10/14/2025, while Office 2021 ends 10/13/2026.
  • Office 2024 and Office 2026 (Office LTSC accounts) are still going to be supported by Microsoft for now, but I don’t have end of support dates for them.
  • Once you have Microsoft 365 Apps for Enterprise, updates will automatically download and install regularly and add new features are added monthly.
  • Office LTSC versions receive security updates only and do not receive new features after the launch.
  • It is preferred that you use Microsoft 365 Apps for Enterprise so that you can take advantage of the special features that allow for more collaboration, better productivity, and consistency across the UT System.
  • As a reminder you can check for the version of Outlook you are using by clicking on File (top left), then Office Account (bottom left), then you should hopefully see “Microsoft 365 Apps for enterprise” on the right side.
  • If you do not see this, then look for “About Outlook” on the right side to see what the version is and email that to me.
  • When I receive your email, I will create a trouble ticket so the appropriate IT person can help you with the update.
  • However, if you are with CVM, I will let CVM Computer Support know that you need help since they have their own ticketing system.
  • It is very important that we always have the most updated versions of all apps.

Thank you so very much for all you do!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!