Hello, everyone.

This week I want to remind you all about a current threat. I also need to let you know some important information about the upcoming change to logging into your Windows computer. And I want to pass along some information to you so you can help keep your credit cards protected.

Current Threat

• Health Advisory (phishing email)
  • The sender appears to be an actual UT employee, but has no ties to anything with health and safety.
  • The subject is Advisory for All Staff.
  • The email’s content tells you about monitoring and tracing efforts concerning the avian flu (HPAI) outbreak and goes on to say there are four cases of infected people at UT who have given a list of people they met and places they visited.
  • The email says that all staff members are required to complete a verification process to determine potential exposure and includes a link.
  • Please DO NOT click on the link, as it is not real.
  • If you hover over the link, you can see that it has nothing to do with UTK or HPAI tracing.
  • It also gives an email address for “utkcare@utk.edu” but this address does not exist and when you hover over it, the actual address shows an address for a different university altogether.
  • Finally, the email is signed by Bryan Paul, but there is no one by that first and last name at UT.
  • This was reported by several people right away, so the email has most likely been pulled by the email administrators.
  • But always remember that these health notices are not legitimate.
  • The names are always off and so is the department name and email.
  • The University cannot share information about specific people and their health conditions, so if you see a link that says you can click it to find out names, this is a sure sign it is not real.
  • You know you can always forward the email to me and I will check it out.
  • And as soon as you know it is a scam, please report it to OIT so they can start pulling the emails from all inboxes.
  • For details on reporting phishing or junk emails, see Reporting Phishing Attempts & Junk Email.

Important Information

• Computer Login Change
  • On 05/21/2025, UTK’s Office of Innovative Technologies Information Security team will implement a new secure login for all UT-owned and grant-funded computers.
  • When you start your Windows computer or activate it from sleep mode, you will have to start the login process by entering Ctrl+Alt+Delete on your keyboard.
  • I know you are familiar with using Ctrl+Alt+Delete to lock your computer screen, but on 05/21, this will also activate the login process from a locked computer.
  • By using this secure login process it will ensure that this is the only allowed login and no redirect can take place that could cause a compromise of your credentials.

• Credit Card Skimming
  • I recently attended an FBI Briefing about recent investigations of Romanian organized crime and the ties to credit card skimming.
  • The FBI defines skimming as the modification of ATMs, Point of Sale (POS) terminals, or fuel pumps to achieve unauthorized intercept, for criminal exploitation, of payment card data during otherwise legitimate transactions.
  • The FBI says that skimming groups target vulnerable devices utilizing concealed card readers and/or data-capture devices to capture card data.
  • These groups also use pinhole cameras (usually above the screen) and/or keylogging overlays to record personal identification number (PIN) entries.
  • ATM skimming devices may be bezel mounted, placed internally, or situated along exposed cables.
  • Fuel pump skimming most often involves the use of a data-capture device placed inside the fuel pump terminal.
  • The FBI stated that Electronic Benefits Transfer (EBT) cards are often key targets, partly because they are not chip-enabled.
  • Here are some things you can do to help avoid being skimmed.
    • Inspect the ATM, gas pump, or credit card reader before using it.
      • If you notice anything loose, crooked, or damaged then don’t use the device.
      • If you notice scratches or adhesive/tape residue then don’t use the device.
    • When asked to enter your PIN, block the keypad with your other hand to prevent any possible hidden camera from recording your number as you enter it.
    • If at all possible, use an ATM inside the bank since there is less access for criminals to install a skimmer.
    • Be extra cautious of ATMs located in tourist areas as these are popular targets of skimmers.
    • If your card is not returned at the end of the transaction or after hitting “cancel,” immediately contact the financial institute that issued the card.
    • If given the option to tap-to-pay, do this instead of inserting the card into a reader, as tapping the chip is much harder to skim because the transactions are encrypted and tokenized.
  • Please take caution any time you use a credit card device whether you are using a UT travel card, procurement card, or your own card.
  • Always pay close attention to see that you don’t have unauthorized charges on your card.
  • And please immediately report any potential problem or concern to your financial institution.

I can’t tell you enough how much I appreciate you all and I am always here whenever you have any questions or concerns.

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone else has an email group for students who are not employees of your department, please let me know that address and I can include it. I do this as a blind copy so student names and addresses will not show up!