Ask Your CISO, Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 03/22/2023

Posted on Mar 22, 2023Share on

image of a contract being signed

Today I want to start my newsletter by honoring someone who meant so much to so many of us in the UTIA family. On Friday, 03/17, we lost Lolita Mathis, Administrative Support Assistant II with Perry County. Lolita was the kindest, sweetest, most genuine person who always found the most positive things to say. I am going to miss our friendship and I know UT Extension is going to miss her, as well. Please keep Lolita’s family and her Perry County work family in your thoughts and prayers at this very difficult time. Rest in peace, my sweet friend.

Current Threats

  • UTK ACCOUNT CLOSURE (phishing email)
    • The sender is varied, but all have an email address with @vols.utk.edu.
    • The subject is UTK ACCOUNT CLOSURE.
    • The message tells you that a request has been received to terminate your “office 365 email” and the process has started.
    • The message also says, “We notice that your office 365 has two info different logins with two universities portals. Kindly indicate the two info logins as soon as possible. To avoid termination of both logins within 24hrs,we expect you to strictly here and address it.”
    • There are a number of errors in this message.
    • The message has a link for you to verify your logins, but do NOT click.
    • If you receive this email, please forward it, along with the Internet header, using these instructions, Reporting Phishing Attempts.
  • UTK WORK STUDY (phishing email)
    • The sender is using an address with @vols.utk.edu, and is one of the addresses used in the UTK Account Closure phishing scam and this person is not at UT.
    • The subject is UTK WORK STUDY.
    • There are at least two different messages, but both tell you about an opportunity to work from home.
    • The content contains many errors and doesn’t read as though it was written by someone in higher education.
    • One of the message shows “Job Placement & Student Services” at the end, but UT does not have a department by that name.
    • If you receive this email, please forward it, along with the Internet header, using these instructions, Reporting Phishing Attempts.
    • PLEASE share this information with your students, particularly those who are not employees since they won’t know about this threat if you don’t tell them!

Ask Your CISO

  • How do I get the DocuSign service? Will I use my utk.edu or tennessee.edu login?
    • In 2020, the pandemic created the need for a way to get documents signed in a quick and secure manner.
    • UTIA signed on with UT System Administration to use the licensed version of DocuSign, and for this reason, you will need to use your <NetID>@tennessee.edu address.
    • DocuSign will allow you to upload a document, route for signatures, and complete the process with online signatures.
    • To use DocuSign for any UTIA documents, you can get started by going to https://utiatechnology.tennessee.edu/docusign/.
    • There are some easy-to-follow instructions created by Justin Stefanski that will walk you through using DocuSign.
    • I would like to add a word of advice, though.
      • When you receive an email requesting you to sign a document, I highly recommend that you log into DocuSign first, instead of clicking on the link in the email.
      • By logging in before signing, you can ensure the document you signed is added to your history of completed documents so that you have something to which you can refer for an exact timeline of all signatures on the document.

Thank you so much for all you do to protect the Institute, as well as its assets and data. I am here to help you, so please don’t hesitate to let me know if you have questions or concerns. I truly appreciate all questions and feedback and I can’t thank you enough for alerting me to what you are seeing.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu