Good afternoon, everyone.

Today I want to remind you of a recurring non-threat that we receive annually. I also want to remind you about two ongoing (never-ending) threats that are pretty active right now.

Current Non-Threat

• Employee Survey
  • The sender is McLean & Company <survey_@_mcleanco.com>.
  • The subject is McLean Employee Experience Survey.
  • The content shows various colored blocks numbered 0-10.
  • To complete the survey, click on the block you wish to use as your score, then you will have the opportunity to add comments.
  • UT System is asking everyone to complete this annual survey.
  • The survey comes out at various times throughout the year, so I don’t know who will get it and when.
  • You can always ask me if you are unsure!

Current Threats

• Spear Phishing Attempts (email)
  • Spear phishing attempts are once again making their way throughout the Institute and within all the units.
  • The sender may look to be your supervisor or other member of UTIA leadership, but please notice is that the email address is not the actual address you should expect.
  • The message is always very brief and very vague.
  • The message will say not to call, but to only reply directly to the email.
  • It looks like you are the only person receiving the email, but the blind copy function has been used, so many other people have also received it.
  • Please do not respond to these emails.
  • If you receive one of these emails, please use the instructions at Reporting Phishing Attempts & Other Email Scams to report the email.
  • You can read more about past spear phishing attempts by visiting Spear Phishing in the UTIAsecurity knowledge base.

• DocuSign Requests (email)
  • There are so many different people receiving DocuSign scam emails recently.
  • If you receive a request to sign something in DocuSign and you aren’t expecting anything, please call the sender at their known number (not one from the email).
  • If you don’t know the person or don’t do business with the company sending the document to sign, please don’t open it.
  • If the document was sent to your <netid>@utk.edu address, it is most likely not legitimate because UTIA uses only <netid>@tennessee.edu for our DocuSign accounts.
  • If you receive a document to sign via DocuSign, please do not click on the link in the email, but rather log into your account at https://docusign.com using <netid>@tennessee.edu.
  • If you are sending a document to UTIA faculty or staff, please remember to always use their @tennessee.edu address!
  • Also, if you are sending a document to UTIA faculty or staff for signature, be sure you include a description in the “Email Message” under the “Add message” section within DocuSign.
  • If you receive a fake DocuSign email, please use the instructions at Reporting Phishing Attempts & Other Email Scams to report the email.
  • To read more about what to watch for go to DocuSign in the UTIAsecurity knowledge base.

As always, I thank each of you for all the work you do to protect the Institute and its data. By asking before clicking on something questionable, you are keeping the Institute’s data, and your own, safe and out of the hands of cybercriminals. Please know that you can ask me anything at anytime if you have security questions or concerns. That’s why I am here!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!