Current Non-Threats, Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 06/08/2023

Posted on Jun 09, 2023Share on

man smiling about sending an email scam

Happy Friday Eve!

This week I have a couple of non-threats I want to tell you about. They both threw me off because I found so many things in them that did not seem right, but after a bit of research and finding the right people to ask, I can finally confirm they are legit. I also want to let you know about a current scam and there is a new Firefox update you need to have.

Current Non-Threats

  • Intellectual Property Agreement (email)
    • The email is from HRBATCH (HRBATCH@tennessee.edu).
    • The subject is Intellectual Property Agreement – Reminder.
    • The message contains information about an email you may have already received from your Chancellor informing you about recent changes in federal regulations requiring UT to have written agreements with all employees working on federally funded projects and makes mention of UT Board Policy BT0024 and provided a link.
    • The message says that you have not yet signed the document, but it also says that you will only have to do this once.
    • There is a link in the email for you to review and electronically sign the document: University of Tennessee Intellectual Property Agreement.
    • In checking out this email for the kind person who asked about it on May 12 (thank you for your patience, Ryan), I found that the link to policy BT0024 was wrong and gave a 404 error.
    • I then contacted the UTSA Research Office and let them know that policy BT0024 was showing on the UT Policy site as Statement of Treasury Policy, but the Statement of Policy on Patents, Copyrights, and Other Intellectual Property is BT0011.
    • The link for the IPA review has been updated in the last week and is now https://ipa.tennessee.edu.
    • I am hoping that the policy information has also been updated in the automated email from HRBATCH, as well.
    • If you receive this email from HRBATCH about the Intellectual Property Agreement, it is legitimate, but feel free to forward it to me if you have any doubts at all.

  • InfoReady (email)
    • The email is from support@inforeadyreview.com.
    • The subject is Request to Review an Application.
    • The message has a UT System logo at the top.
    • The message lets you know that <someone> has requested your approval to submit an application for an internal competition.
    • The message tells you to click the “View Application” button to view and approve the application.
    • The message says to contact a specific person, but the email address shown (in one particular example) belongs to someone else.
      • I have confirmed that both work for the same group.
    • I spoke with the Associate Vice Chancellor for Research & Innovative Initiatives.
      • He has confirmed that the email is legitimate and that Research has started doing the internal competitions in this way.
      • He confirmed that once you review the application, it goes to Dr. Tim Rials, then on to Research.
    • If you receive this email, it is legitimate, but feel free to forward it to me if you have any doubts at all.

Current Threats

  • IT Desk (phishing email)
    • The email is from someone who appears to be a student.
    • The subject is IT DESK WARNING.
    • The message says, in part, “We received a notification that indicates that you recently requested to shut down your University of Tennessee email account as you are no longer a student and this request will be processed shortly.”
    • There is a link to dispute the request, but the message says if you don’t cancel the request your email will be terminated and your data will be permanently lost/deleted.
    • Please do not click on the link!
    • This is absolutely a scam.
    • There is no identifiable information about who the sender represents, as the message is signed “UT IT Dept.”
    • There is no “UT IT Dept.” and there is no “IT Desk” at UT. (I think you all know the correct names for this and I don’t want to help the scammers get it right next time, so email me if you need to!)
    • If you receive this email, please forward it, along with the Internet header, using these instructions, Reporting Phishing Attempts.

Browser, OS, and Software Updates

  • Firefox
    • Mozilla has released security updates to address vulnerabilities in Firefox.
    • These vulnerabilities could allow an attacker to take control of an affected system.
    • Since your browsers are being managed by UTIA ITS, you should be getting the updates automatically.
    • If you do not close your browser regularly, you may not have the latest updates.
    • In your Firefox browser, go to Settings (the three lines in the upper right-hand corner) and scroll down to Help.
    • Click on Help, then click on About Firefox.
    • A window will open to show you if your browser is up to date and what version you should have.
    • If you don’t have Firefox 114, please restart the browser to get the update.

I thank you all so much for all you do to protect the Institute and its data. Please let me know any time you have any questions or concerns when it comes to security!

Have a great rest of the week!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu