This Week’s Cybersecurity News, 01/20/2023

Share on

This week’s e-newsletter contains information about one current non-threat and some current threats. There is also information about a new Firefox update you need to make sure you have.

Current Non-Threat

  • Kahoot! EDU (email)
    • The sender is Aron at Kahoot! <schools@team.kahoot.com>.
    • The subject is UTK is Inviting You to Upgrade to K!EDU!
    • The email says that, as a current Kahoot! User you get the first option to joining the new UTK Kahoot! EDU Standard.
    • The email lets you know how to migrate your current account and “kahoots” over to the new UTK account.
    • I have verified with OIT that this is legitimate.
    • Emails were sent on 01/19, to current Kahoot! users from the UTK Kahoot! rep inviting them to use the UTK license.
    • Kahoot! is a Norwegian game-based learning platform, used as educational technology.
    • The platform offers learning games called “kahoots” that are user-generated multiple -choice quizzes that are accessed via a web browser or the Kahoot! app.

Current Threats

  • Holland Group Invoice (phishing email)
    • The sender is Gilbert via DocuSend <gilbert.roels@telenet.be>.
    • The subject is Invoice INV-0173 from Holland Group Pty Ltd as Trustee for Holland Family Trust for Bell Family Trust PTY LTD.
    • The email says that  $2,112.00 is due. (The amount may vary.)
    • There is a button to allow you to view the invoice, but do NOT click.
    • There is also a link to view your bill online, but please do NOT click on that one, either.
    • If you receive this email or any similar emails, please report it using the instructions found at Reporting Phishing Attempts.
  • Norton Invoice (phishing email)
    • This was first mentioned in last week’s e-newsletter, but it still being reported to me.
    • The sender appears to be Norton Support, but the email address is service@paypal.com.
    • The subject is Invoice from Norton Support.
    • The email says that  $699.00 is due on receipt. (The amount may vary.)
    • There is a button to allow you to view and pay the invoice, but do NOT click.
    • There is a note that this is a Norton 360 Premium subscription and will “renew successful” with the $699 being debited from your PayPal account.
    • The footer is likely a copy of a legitimate PayPal footer and shows the actual address of PayPal in San Jose, CA.
    • The phone number shown in the email’s content is NOT a number for the PayPal service team, but appears to be a mobile number for a person in Hawaii.
    • If you receive this email or any similar emails, please report it using the instructions found at Reporting Phishing Attempts.
  • Domain Networks Invoice (regular mail)
    • While this is not a cyber security threat, it is worth telling you about.
    • The letter is from Domain Networks.
    • Domain Networks makes it very clear that this subscription is not for the renewal of the domain tennessee.edu (in this case), but it a subscription for Domain Networks to list tennessee.edu in its directory.
    • The letter says that this is not a bill.
    • It also says this is a solicitation and you are under no obligation to pay the $289, unless you accept their offer.
    • I have done some checking on Domain Networks and they are a “real” company.
    • The Better Business Bureau (BBB) shows Domain Networks as an Internet Marketing Services company with a customer rating of 1.09/5 based on 78 customer reviews.
    • The BBB says Domain Networks is not BBB Accredited and gives it an “F” rating.
    • I have found MANY Google search results saying this is a fraud and a scam.
    • I think that if you read the letter closely and all the explanations Domain Network gives about it being a solicitation and not a bill, it is not illegally defrauding anyone.
    • However, I do think they are being pretty deceiving, hoping that the recipients will not read very carefully.
    • And my final comment is that regular mail must be closely deciphered just like email, but at least you don’t have the links and attachments to worry about!

Browser, OS, and Software Updates

  • Firefox
    • Mozilla has released security updates to address vulnerabilities in Firefox.
    • These vulnerabilities could allow an attacker to take control of an affected system.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • If you do not close your browser regularly, you may not have the latest updates.
    • In your Firefox browser, go to Settings (the three lines in the upper right-hand corner) and scroll down to Help.
    • Click on Help, then click on About Firefox.
    • A window will open to show you if your browser is up to date and what version you should have.
    • If you don’t have Firefox 109, please restart the browser to get the update.

Thanks for all you do to protect the Institute and its data. I am here to help you, so don’t hesitate to let me know if you have questions or concerns. And don’t forget that I post these newsletters to https://UTIAsecurity.tennessee.edu. You can find the most current posts on the home page, while all newsletters are archived and easily searchable by categories and tags.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!