This Week’s Cybersecurity News, 07/06/2023

Share on

Good afternoon!

I hope everyone had a great Fourth of July. In this edition of This Week’s Cybersecurity News, I want to tell you about a twist on a recurring threat. We have seen the Microsoft password verifications a bit in recent weeks, but this week’s versions are just a little different. I also want to address a question about the newsletters.

Current Threats

  • Microsoft Password Expiration (phishing email)
    • The sender varies with “Support Notification” and “Service_HelpDesk” being two examples, but are not associated with UT in any way.
    • The subject varies with Mailbox Access Expiry Notice to <recipient email address> <date and time> and Action: Required <recipient email address> Validation <date> as two examples.
    • The emails look very different, but contain variations of the Microsoft logo.
    • The content is different, but show that your password is about to expire and you should click the box to keep your password.
    • PLEASE DO NOT CLICK!
    • These emails are not from UT, nor are they from Microsoft.
    • Always remember that your email account uses your NetID and password, so Microsoft would never send you a message that your UT email password is about to expire.
    • UT will not send you an email saying that your Microsoft password is about to expire because OIT does not refer to it as a “Microsoft password.”
    • If you receive an email like this, or any other suspicious email, please report it using the Reporting Phishing Attempts instructions.

Ask Your CISO

  • I recently had a student employee ask how they could unsubscribe from these newsletters.
    • These newsletters are not a LISTSERV, so there is no option to unsubscribe.
    • Any employee of the Institute with a UT email address is on the list to receive the newsletters.
    • These newsletters are actually a part of the UTIA IT Security Program per UTIA IT0123 – Security Awareness, Training, and Education Policy.
    • While I know we are inundated with so many emails, I try to limit the content to what everyone really needs to know.
    • It is important to me to share known issues and current threats, as well as non-threats that I am asked about.
    • If several people are asking about the same kinds of emails, then I want to let everyone else know, too.
    • And if I don’t have anything really pressing, I will skip a week.
    • Some items appear more than once because they tend to go away, but then return in the same or very similar way.
    • Many threats target students, so it is important to include all student employees.
    • It is also very important for employees to share this information with non-employees, which can include students, family, clients, etc., because we should all do our part to protect anyone and everyone from cyberthreats.  

I thank each of you so much for everything you do every day to protect the Institute and its data. Please let me know any time you have any questions or concerns when it comes to IT security!

Have a great rest of the week!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is and I can include it. I do this as a blind copy so student names and addresses will not show up!