Current Non-Threats, Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 02/12/2025

Posted on Feb 12, 2025Share on

Attention sign (Red triangle with and exclamation point)

Hello, everyone.

This week I want to tell you about one current non-threat and a current threat. The current threat is important to be very cautious of, particularly at a time when the number of flu cases (and other contagious viruses) is on the rise.

Current Non-Threat

  • Retirement Planning (email)
    • Today an email was sent from the Senior CV and Senior VP of UTIA.
    • The Subject is Retire Ready – A Program of the Tennessee Department of Treasury.
    • The message tells you about two retirement plan advisors with Empower Retirement, which is the Retire Ready Tennessee program.
    • This message tells you that you can click a link to schedule a meeting with these advisors and it tells you what you can expect during this meeting.
    • This message is legitimate.
    • And PLEASE remember that Empower Retirement is the only retirement planning service that is affiliated with UT and the State’s Retire Ready Tennessee service.

Current Threat

  • Health Advisory (Phishing Scam)
    • There are new emails coming out about the potential for health issues in the UT community.
    • The sender is using an address with @uhn.newhyaven.edu.
    • The Subject is Health Advisory Against Contagious Virus.
    • The message content says, in part, “Recently, we have been made aware of a situation concerning the health of 2 of our staff members. This individual has tested positive for a contagious virus, which has prompted us to take immediate measures to ensure the safety and well-being of everyone at our institution.” (I underlined the big mistake here!)
    • There is a link for “Close Contact Tracing Page” which supposedly mentions the affected staff member.
    • Please do not click, as the link is NOT a valid link and it would be a HIPAA violation to actually name a person like this.
    • Do not click on the Public Health email provided, but if you hover over it, you can see that the link does not match the actual address.
    • The signature at the bottom of the email is a person who is not employed by UT nor does the person have any affiliation with UT.
    • Please know that if there was an actual public health advisory within the UT System you will never be notified by someone who does not work for the University, as the sender address and signature both show.
    • Please click the red “Report” button in your Outlook ribbon and choose “Report Phishing.”
    • If you still don’t have the Report button, please forward the email to abuse@utk.edu until the Report button is made available in your Outlook version.

Thank you for all you do to help keep the Institute’s data safe, as well as your own. Please don’t hesitate to let me know whenever you have any questions or concerns.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know that address and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu