Hello, everyone.
Happy 2025! It may be a new year, but the old threats are still showing up in email. Today I will share with you the email scams that are prevalent right now and I don’t see them going away anytime soon. I also want to let you know about some new updates you need to have. I also want to share some IT security tips and reminders.
Current Threats
- Emails dealing with your NetID, Password, and/or Email (phishing email)
- The email appears to come from a UTK student (@vols.utk.edu).
- The subject varies but can be EMAIL UPDATE VERIFY, UTK CANVAS UPDATE, or something similar.
- The content of the message is usually brief, but includes wording that conveys a sense of urgency, such as “this is the last time we notify you or “you failed to validate your email account, which may result in the permanent deletion of your account from our database within the next few hours.”
- There is a link to click or copy and paste, but please do NOT do either of these!
- The purpose of these emails is to have to get to a site where you will log in to “verify” your information, but in reality your password will be stolen.
- Please report these as phishing.
- Please know that you will never be sent an email like this from OIT.
- The email will never be sent from an individual student’s account, even if the student works for the HelpDesk, but would come from an official UT account.
- OIT will never give you a link for verifying your password.
- If you get an email that you really aren’t sure about, you can always forward it to me and I will be happy to take a look at it.
Browser, OS, and Software Updates
- Microsoft
- Microsoft has released an out-of-band security update to address a vulnerability in Microsoft Endpoint Configuration Manager.
- Exploitation of these vulnerabilities could allow an attacker to obtain sensitive information.
- Updates are being automatically pushed to Institute-owned computers, but a reboot is often required to ensure the updates are completely and properly installed.
- If you have recently clicked to have your computer restart later to finish these updates, please make sure you reboot right away to ensure all available updates have been applied.
- Adobe
- This week Adobe has released several security updates to address vulnerabilities in multiple products.
- Exploitation of these vulnerabilities could allow an attacker to obtain sensitive information.
- Updates are being automatically pushed to Institute-owned computers, but a reboot is often required to ensure the updates are completely and properly installed.
- Although these updates have most likely already been pushed to your computers, please make sure that there are no more updates.
- Go to the “^” in the lower right portion of the system tray.
- Click on the Creative Cloud logo and it will show you if there are any available updates.
- If there are any updates, go ahead and run them.
Important Security Tips and Reminders
- Browser Configurations
- This is a reminder that UTIA manages browser configurations so you don’t have to.
- Because web browsers are not configured with secure settings by default, we are managing them to help protect the Institute’s data, as well as your own information.
- We have been managing the configurations for all supported browsers since 2021.
- These settings protect against tracking, ransomware, malware, identity theft, etc.
- We are blocking popups, plugins, and phishing sites.
- We set browsers to NOT store passwords.
- We disable third-party cookies.
- We turn off tracking.
- If you cannot get to a legitimate site that you need for your job, please let me know the exact URL you are trying to access and I will make sure we get it whitelisted.
- From time to time a third party may make changes to a site, especially with regards to the URL, so if you are no longer able to get to site you have been using, please let me know the correct URL and we can update that.
- And while Endpoint Central does do third-party patches, you still have to relaunch the browser to ensure the updates have been properly installed.
- There is usually a reminder in the top right corner of the browser window letting you know to relaunch.
- Just close the browser window and open it back up.
- Unexpected Actionable Emails
- I am often asked about the validity of certain emails that come from third parties claiming to be sending on behalf of others within UT.
- I try to track down the UT person(s) with whom the emails are associated so I can find out for sure if it is legitimate and then I put it in a newsletter when it is a non-threat.
- UT System now tries to notify the campus and institute CISOs so we are prepared in advance, and though it doesn’t always happen, it’s nice when it does.
- Last week I got to thinking about how we, as the Institute, send emails with actionable items, but the emails are completely unexpected by the recipient.
- If you have a survey, an attachment, or a document that needs to be signed, but the parties are not accustomed to hearing from you and likely wouldn’t know to expect something from you, please send them an email letting them know in advance.
- I do see a lot of mass emails going out from within UTIA announcing an upcoming survey or other request, so I thank you for that.
- But please remember to let others know if you are going to be sending something they wouldn’t expect.
Thank you for everything you do to protect the Institute and its data. I appreciate your efforts to always be secure!
Sandy
Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know that address and I can include it. I do this as a blind copy so student names and addresses will not show up!
