Current Non-Threats, Current Threats, Security Awareness Newsletters

This Week’s Cybersecurity News, 08/01/2024

Posted on Aug 01, 2024Share on

AI-generated photo of a man working at a computer

Good afternoon, everyone.

Today I want to remind you of a legitimate email, and I want to let you know about two current phishing scams. I am also sharing important information about a required form for IT applications and services purchases.

Current Non-Threat

  • Bank of America  (email)
    • The sender is Bank of America Commercial Card <globalcardaccess[@]bofa.com>.
    • The subject is Your statement is available.
    • The content tells you that you have one or more statements available to view in Global Card Access.
    • This email is legitimate.
    • UTSA’s Accounts Payable has confirmed that any user who registers their UT-issued credit card (e.g., travel card) through Global Card Access (GCA) will receive a statement notification at the end of each billing cycle.
    • You may view your statements through GCA, but you do not need to do anything with the statement.

Current Threats

  • Giveaway (phishing email)
    • The sender appears to be a UTC employee.
    • The subject is INSTRUMENTS FOR MUSIC AND CAMERA GIVEAWAY (+1 737 386-1596).
    • The email was sent to MANY users including faculty, staff, and students across the UT system, as well as recipients outside of UT.
    • The message begins with, “Mrs. Lu is relocating and wants to give away her late husband’s musical instruments to interested students or staff.”
    • The message concludes by saying the items are free but there is no pickup option, and you must pay shipping fees.
    • This email is a scam and was likely sent by a compromised account.
    • Please do not respond!
    • If you have received an email like this, please report it using Reporting Phishing Attempts & Other Email Scams.
    • Please make sure that you share this information with all of your students, not just student employees!
  • Pet Sitters (phishing email)
    • The sender is using an email address with “@uc.cl,” which is a domain belonging to the Pontifical Catholic University of Chile.
    • The subject is PET CARE ASSISTANCE.
    • The email says that the sender is a former student of UT and their “aunt is moving around the school’s environs and needs a petsitter for her two months old pups.”
    • While the pay looks very inviting, this email is a scam.
    • Please do not respond to either the sender’s email address or to the other address listed in the email.
    • If you have received an email like this, please report it using Reporting Phishing Attempts & Other Email Scams.
    • Please make sure that you share this information with all of your students, not just student employees!

Important Information

  • IT Questionnaire for IT Purchases
    • For those of you who are involved in purchasing IT applications or services you are already aware of the requirement to complete the Information Access and Protection Questionnaire.
    • This purpose of this form is to help identify if an application or service involves private or confidential data, or performs a critical function which could negatively impact business operations.
    • This form is required for purchasing a new application or service, as well as renewing an existing application or service.
    • In the past, this form has been sent to OIT Security, who then sent UTIA forms to me for approval.
    • The form has just recently been updated with contact information so that it can be sent directly to the appropriate campus or institute approver.
    • Please go to https://procurement.tennessee.edu/contracts/forms/ to download the latest version of the form.

Thank you all for everything you do to protect the Institute and its data, including asking about potential scams before clicking anything or replying. Please remember you may contact me at any time if you have any questions or concerns. I am always here to help you!

Sandy

Important Note: Thank you so much for sharing these e-newsletters with family, friends, clients, students, and anyone else who may benefit from the information. I would like to stress that you should keep your students in mind, as non-employee students will not get this information without someone sharing. If anyone has an email group for students who are not employees of your department, please let me know what that address is, and I can include it. I do this as a blind copy so student names and addresses will not show up!

Sandy Lindsey
Chief Information Security Officer
Information Technology Services
The University of Tennessee
Institute of Agriculture

 

 

G061​ McCord Hall
2640 Morgan Circle Drive
Knoxville, Tennessee, 37996
Phone: (865) 974-7292; (865) 806-5224
sandy@tennessee.edu