Current Non-Threats, Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 03/26/2025

Posted on Mar 26, 2025Share on

Files being transfered from one mobile device to another

Hello, everyone.

This week I want to tell you about one current non-threat and a current threat. I also want to let you know about an upcoming change.

Current Non-Threat

  • Evite (email)
    • This week I was asked about an mail that appears to be coming from name, <evite[@]mailva.evite.com>.
    • The subject is name, RSVP to Herbert Awards Reception.
    • The message contains an invitation to the Herbert Awards Reception, along with a link to View & RSVP.
    • This message is legitimate.
    • The name associated with the From address is someone I recognized, so I reached out to her for verification.
    • Since UT is moving away from Google, Herbert College will now be using Evite for future events instead of a Google form.
    • Evite is acting as the RSVP for the events, so you can click the link (or hover over the link, then choose to copy the link and paste it into the address bar) to respond.
    • There may be additional notifications for some events, such as an official notification from Herbert College for award recipients.

Current Threat

  • Docusign (email)
    • This afternoon I have had multiple questions about an email claiming to be from Docusign.
    • The From address is Docusign <docusign[@]e.docusign.com>.
    • The Subject is Your document is almost done.
    • The message says that you have a document waiting in your drafts.
    • There is a button to “Complete Your Document” but please do not click it.
    • Remember that you can go directly to https://docusign.com and see if anything is waiting for your action.
    • You must log in using your @tennessee.edu email address and NOT the @utk.edu address. (This is due to licensing.)
    • Once you enter your @tennessee.edu address, click “Next” and then click “Use company login” in order to get to the required multifactor authentication.
    • Please remember that if you aren’t expecting something like this, you need to take the proper steps to determine if it is real.
    • You know you can always ask me any time you aren’t sure.
    • If you receive this email, please click the red “Report” button in your Outlook ribbon and choose “Report Phishing.”
    • If you still don’t have the Report button, please forward the email to abuse@utk.edu until the Report button is made available in your Outlook version.

Upcoming Change

  • UT Vault 2.0
    • On April 09, 2025, UTK’s Office of Innovative Technologies will be releasing a new secure file transfer service.
    • On the same day, the current UT Vault service will be retired along with its current URL https://vault.utk.edu.
    • UT Vault 2.0 will have a new look and a new URL, but that has not yet been released.
    • In the meantime, please start reviewing any files you are presently sharing in the current UT Vault.
    • As you know, these files currently remain for 20 days and are automatically deleted unless you delete them first.
    • Any files left in the current UT Vault will be deleted on April 09, 2025.
    • As a reminder, UT Vault is one of the easiest and safest ways to share files with others who have a need to know.
    • The files are encrypted in transit and at rest, and UT Vault 2.0 will continue that secure transfer of data.
    • One important change to note is that files will no longer remain available for 20 days with UT Vault 2.0, but will be available for only 14 days.
    • Another change is that with UT Vault 2.0, you will not be able to receive notifications when a message is opened like you can now, although this feature has been requested of the developer and may be added later.
    • Keep in mind that if you need to send an encrypted email via Microsoft Outlook, you may still do that by simply adding the word encrypt to the subject line.

Thank you all for your part in keeping the Institute’s data safe. I am always here whenever you have any questions or concerns and I certainly appreciate it when you let me know about potential threats.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know that address and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu