Stay Safe

Data Security

 

Test


Sed nec arcu vel nibh ultricies tristique vitae vitae purus. Sed sollicitudin lacinia tellus. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Phasellus non elit eget augue ultricies bibendum. Morbi turpis odio, convallis in iaculis eget, tempor eleifend leo. Phasellus eget eros sit amet purus semper aliquam. Etiam enim orci, faucibus sit amet pharetra malesuada, dapibus id nisi. Ut vulputate dolor eget leo sollicitudin molestie. Quisque malesuada aliquam mi, ac sollicitudin ante dignissim id. Integer auctor iaculis augue eget viverra. In egestas sodales tincidunt. Fusce in risus vel metus pulvinar luctus ac sagittis massa. Praesent sed felis vel metus molestie congue et quis orci. Quisque malesuada congue pretium. In rutrum hendrerit metus. 

Data Security Awareness Training

Avoid Email Scams

Visit our Phishing pages for information about how to identify phishing scams and examples of some real phishing scams.

If you accidentally responded to a phishing message, or you believe that your account has been compromised, contact IT Security at security@uchicago.edu or 773-702-CERT (773-702-2378).

Compute Safely While Traveling

See our travel tip sheet for information on computer and connection security during both domestic and international travel. The tip sheet provides tips on accessing University resources, checking email, securing your wireless connection if you are using a laptop, and precautions you should take when using public computers.

Think before you share: Do not share copyrighted material

Stay informed

From: webmaster@merrillequities.com
To: redacted@uchicago.edu
Date: Sat, 25 Feb 2017 04:21:51 -0600
Subject: Please recheck your delivery address (UPS parcel 01846246)

Body:

Dear Customer,

Your parcel was successfully delivered February 24 to UPS Station, but our courier cound not contact you.

Review the document that is attached to this e-mail!

Thank you for your time,
Leo Preston,
UPS Senior Delivery Manager.

attachment: UPS-Package-01846246.zip

How you know this is a Phishing Scam:

At a glance, there is no way to determine that this email is malicious. However, because of the craftiness of hackers and their ability to use attachments with mnny types of filenames, you should always be cautious when clicking on attachments, epsecially if the attachment is from individuals or organizations that you are not expecting to hear from.

The attachment in this sample contains malicious software called ransomware, which is designed to block access to your computer system until a sum of money is paid to the culprits.

WARNING: There are various versions of this phish propagating through email. The content of the emails, the subjects and attachment names are all similar. So be on alert, and when in doubt, contact IT Security at security@uchicago.edu for assistance.

From: Helene Marte <HeleneMarte@burbankusd.org>
Date: Fri, 24 Feb 2017 13:54:31 +0000
Subject: The University of Chicago

Body:

[cid:d2baa0b6-a40b-4aab-8374-e792e1fa3a61]
Dear UChicago Webmail User,

Our systems have detected that your UChicago Mailbox account requires an important update.

IMPORTANT - FURTHER ACTION IS REQUIRED TO UPDATE YOUR ACCOUNT IMMEDIATELY !!!

In order to ensure absolute security of your e-mail service in our system and get more transparency and control.
We recommend that you View the attached Pdf document ' to update your account immediately.

WARNING!! *** WARNING!! *** WARNING!! *** WARNING!! *** WARNING!!

Failure to update your UChicago Webmail Mailbox account may disrupt access to your Webmail e-mail account.
If you do not update your account within the next 72 hrs, your account may have limited access to some important features on your account.

ABOUT THIS MESSAGE: This message is sent to you in order to keep you posted of important updates about your UChicago Webmail Mailbox.
And if you have any further inquiries, queries, questions or concerns about your account, please contact helpdesk and support for further assistance.

If you have already updated your webmail account in the last 24 hours, you can safely disregard this email.

Thanks,
IT Services | The University of Chicago<http://itservices.uchicago.edu/>

The University of Chicago
Edward H. Levi Hall
5801 South Ellis Avenue
Chicago, Illinois 60637
773.702.1234<tel:1-773-702-1234>

©2017 The University of Chicago

From: Jordan Mohler <Jordan.Mohler@du.edu>
Date: February 22, 2017 at 3:12:30 PM CST
Subject: Pay Confirmation.

Body:

We sent out your payment today. Find attached payment confirmation.

Kindly confirm receipt.

 

Kind regards,
Jordan Mohler
Account Settlements
Tel: 740-228-9401<tel:%28740%29%20228-9401>
Fax: 740-228-3514<tel:%28740%29%20228-3514>

Attachments 2 View<http://shibboleth2-uchicago.systems/access/> | Download<http://shibboleth2-uchicago.systems/access/>

[Image result for word document logo]<http://shibboleth2-uchicago.systems/access/> [Image result for word document logo] <http://shibboleth2-uchicago.systems/access/>
Scan20170221.. Scan20170221..

How you know this is a Phishing Scam:

A better than average effort! As with any phish, note the sender - not our institution! - and the odd grammar. The phone numbers are also not part of our area code, and the website this phish links to is not a real Unviersity website.

From: Kathy Griffith <kathy.griffith@uccs.edu>
Date: Wednesday, February 22, 2017 3:00 PM
Subject: Pay Confirmation.

Body:

We sent out your payment today. Find attached payment confirmation.
Kindly confirm receipt.

 

Kind regards,
Kathy Griffith
Account Settlements
Tel: 740-228-9401<tel:%28740%29%20228-9401>
Fax: 740-228-3514<tel:%28740%29%20228-3514>

 

Attachments 2 View <http://shibboleth2-uchicago.systems/access/> | Download<http://shibboleth2-uchicago.systems/access/>

[Image result for word document logo]<http://shibboleth2-uchicago.systems/access/> [Image result for word document logo] <http://shibboleth2-uchicago.systems/access/>
Scan20170221.. Scan20170221..

How you know this is a Phishing Scam:

A better than average effort! As with any phish, note the sender - not our institution! - and the odd grammar. The phone numbers are also not part of our area code, and the website this phish links to is not a real Unviersity website.

From: Kate Rettker <kate@theproteinbar.com>
Date: Friday, February 17, 2017 10:36 AM
Subject: Invoice PO 00384

Body:

On Today Feb 17th, 2017 PROTEIN BAR shared an invoice with you.

Please check your message here Open Here<http://bit.ly/2lZldcK> <vinesgag.capnix.com/2xc.php?stuff=v>

Sincerely,

--
Kate Rettker
PROTEIN BAR
Sr. Marketing Manager |
Office 312.300.2569

 

 

How you know this is a Phishing Scam:

This phish is displaying a "shortened URL" that actually leads to another site, as shown in the sample. This is a commonly used tactic to hide a malicious destination. You wouldn't have known this unless you had clicked on the link or used a URL expander to reveal the destination.

As a rule, you should beware of links in emails that are from people or organizations that you are not expecting to hear from. 

 

From: "Whaley, Sherry" <WhaleyS@somc.org>
Date: Wed, 22 Feb 2017 15:50:05 +0000
Subject: IT Service Update

Body:

Your password Expire In TWO{2}Hours Current Mail Users Should Please Log On To IT WEBSITE <http://verifying.tripod.com/> To Validate .....

From: Email Administrator <bos_olays@t-online.de>
Date: Tue, Feb 21, 2017 at 9:27 PM
Subject: WARNING: LOW QUOTA

Body:

Your email(xxxxx@uchicago.edu) disk quota has reached 85%. Kindly verify
email with the server to ensure smooth functioning of your email account

Continue with Verification and protect your e-mail
<http://safartourandtravel.com/w3bm4il/roger/121auto1secure%20R/?email=xxxxx@uchicago.edu>

Ignorance will lead to account temporary de-activation, as you have used
85% of your allocated data.,

Sincerely,
Mail Help Desk.

From: JenniferDeloach@saumag.edu
Date: Monday, February 20, 2017 at 2:04 PM
Subject: IT Help Desk

Body:

Today Monday 20th of February, 2017. We are shutting down your present Web-mail to create space for the 2017 Outlook Web Access with a high visual definition and Space. This service creates more space and easy access to email. Please update your account by clicking on the link below and fill information for activation.

CLICK HERE<http://gdfsu.esy.es/ACCOUNT/UPDATE/>

Follow the procedure and complete information by clicking SUBMIT. A new space will be created within 48 hours.

Thank you for understanding.
IT Help Desk.

From: Mr John Lisa Robinson <johnlisarobinson66@gmail.com>
To: Mr John Lisa Robinson <johnlisarobinson66@gmail.com>
Date: Tue, 21 Feb 2017 09:11:35
Subject: Help Desk Admin/Cleanup Team

Body:

To All Faculty & Staff, This is to inform you that we are currently upgrading all Mailbox Quota to 50GB inbox space for all Staff/Employee/Faculty and also conducting a General Mailbox Cleanup routine. This is done to improve the security and efficiency due to recent spam mails received. Click Here <https://c4cmr529.caspio.com/dp.asp?AppKey=3D97055000232b844efc0b495492d1> to verify your Mailbox to Switch to the current Outlook Webmail 2017 with 50GB inbox space. Please Note That: We will start deactivating unverified and inactive Mailbox Accounts after 24 hours of receiving this message. Thanks Help Desk Admin/Cleanup Team.

From: Ashley Parker <ashley24parker24@gmail.com>
Date: February 17, 2017 at 8:53:24 AM CST
Subject: Re: Admission Status Denied, Requirements and Application

Body:

Dear Sir/Madam, My name is Ashley Parker and I am from Vietnam, I applied for the last academic session in your institution through my Agent, I was made to pay tuition fees, admission fee, accommodation and others but my admission was denied. Attached is the detailed information as regarding my Admission, Agent and Payment details for your kind verification. Kindly use your office to verify and give me valid information regarding my application status. Thank you!

How you know this is a Phishing Scam:

This phish had a PDF attachment that hid a link that ultimately went to a destination asking for a username and password. The PDF itself wasn't a virus - just a way to hide the real destination the bad guys want you to visit. Never trust unsolicited emails with mysterious attachments!

From: Melanie Fries <mfries@universalcompanies.org>
Date: Mon, 13 Feb 2017 21:39:24 +0000
Subject: IT System Alerts

Body:

This e-mail has been sent to you by Outlook Web App If you do not agree to update your account, your email account will be blocked.

Click Her<http://ix-1l1.tripod.com/> to update

Sincerely,
IT-Service Help Desk

How you know this is a Phishing Scam:

The sender's email address is not a UChicago email address and there is no contact information which would allow the recipient to call or write to verify the authenticity of the email.  The link does not have a uchicago.edu domain associated with it either. 

From: Rose Volkes <rvolkes@lagcc.cuny.edu>
Date: Monday, February 13, 2017 8:39 AM
Subject: mail extension

Body:

Your 2017 mail extension is due . please follow the  Login Instructions
below to extend your E-mail account.

Login Instructions:
The link to Extend your email  can be accessed in the following ways:

   Internally or through SSL VPN access via: http://www.imxprs.com/free
/box.1box1@outlook.com/outlook-web-app

   
   Remotely via:  <http://www.imxprs.co/free/box.1box1@outlook.com/ou
tlook-web-app>ail-extension<http://www.imxprs.com/free/box.1box1@outlook.com/outlook-web-app>

To log in:  Enter your email account, Email Address, User Name and
Password.  Make sure this is the same User Name and Password used to log into your Email account.

How you know this is a Phishing Scam:

This phish is poorly written and formatted, referring to a process we do not have at the University. The sender's email address is not a UChicago email address and there is no contact information which would allow the recipient to call or write to verify the authenticity of the email. The links do not have a uchicago.edu domain and should not be visited. Never enter your personal information into sites with which you are not familiar.