Stay Safe

Data Security

 

Test


Sed nec arcu vel nibh ultricies tristique vitae vitae purus. Sed sollicitudin lacinia tellus. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Phasellus non elit eget augue ultricies bibendum. Morbi turpis odio, convallis in iaculis eget, tempor eleifend leo. Phasellus eget eros sit amet purus semper aliquam. Etiam enim orci, faucibus sit amet pharetra malesuada, dapibus id nisi. Ut vulputate dolor eget leo sollicitudin molestie. Quisque malesuada aliquam mi, ac sollicitudin ante dignissim id. Integer auctor iaculis augue eget viverra. In egestas sodales tincidunt. Fusce in risus vel metus pulvinar luctus ac sagittis massa. Praesent sed felis vel metus molestie congue et quis orci. Quisque malesuada congue pretium. In rutrum hendrerit metus. 

Data Security Awareness Training

Avoid Email Scams

Visit our Phishing pages for information about how to identify phishing scams and examples of some real phishing scams.

If you accidentally responded to a phishing message, or you believe that your account has been compromised, contact IT Security at security@uchicago.edu or 773-702-CERT (773-702-2378).

Compute Safely While Traveling

See our travel tip sheet for information on computer and connection security during both domestic and international travel. The tip sheet provides tips on accessing University resources, checking email, securing your wireless connection if you are using a laptop, and precautions you should take when using public computers.

Think before you share: Do not share copyrighted material

Stay informed

From: Ashley Parker <ashley24parker24@gmail.com>
Date: February 17, 2017 at 8:53:24 AM CST
Subject: Re: Admission Status Denied, Requirements and Application

Body:

Dear Sir/Madam, My name is Ashley Parker and I am from Vietnam, I applied for the last academic session in your institution through my Agent, I was made to pay tuition fees, admission fee, accommodation and others but my admission was denied. Attached is the detailed information as regarding my Admission, Agent and Payment details for your kind verification. Kindly use your office to verify and give me valid information regarding my application status. Thank you!

How you know this is a Phishing Scam:

This phish had a PDF attachment that hid a link that ultimately went to a destination asking for a username and password. The PDF itself wasn't a virus - just a way to hide the real destination the bad guys want you to visit. Never trust unsolicited emails with mysterious attachments!

From: Melanie Fries <mfries@universalcompanies.org>
Date: Mon, 13 Feb 2017 21:39:24 +0000
Subject: IT System Alerts

Body:

This e-mail has been sent to you by Outlook Web App If you do not agree to update your account, your email account will be blocked.

Click Her<http://ix-1l1.tripod.com/> to update

Sincerely,
IT-Service Help Desk

How you know this is a Phishing Scam:

The sender's email address is not a UChicago email address and there is no contact information which would allow the recipient to call or write to verify the authenticity of the email.  The link does not have a uchicago.edu domain associated with it either. 

From: Rose Volkes <rvolkes@lagcc.cuny.edu>
Date: Monday, February 13, 2017 8:39 AM
Subject: mail extension

Body:

Your 2017 mail extension is due . please follow the  Login Instructions
below to extend your E-mail account.

Login Instructions:
The link to Extend your email  can be accessed in the following ways:

   Internally or through SSL VPN access via: http://www.imxprs.com/free
/box.1box1@outlook.com/outlook-web-app

   
   Remotely via:  <http://www.imxprs.co/free/box.1box1@outlook.com/ou
tlook-web-app>ail-extension<http://www.imxprs.com/free/box.1box1@outlook.com/outlook-web-app>

To log in:  Enter your email account, Email Address, User Name and
Password.  Make sure this is the same User Name and Password used to log into your Email account.

How you know this is a Phishing Scam:

This phish is poorly written and formatted, referring to a process we do not have at the University. The sender's email address is not a UChicago email address and there is no contact information which would allow the recipient to call or write to verify the authenticity of the email. The links do not have a uchicago.edu domain and should not be visited. Never enter your personal information into sites with which you are not familiar.

From: Meredith Griffith <mailto:MGriffith@unfi.com>
Date: 2/13/17 9:21 AM (GMT-06:00)
Subject: Support Incident #800223

Body:

Please read attach message from Helpdesk regarding your email account. Follow instruction accordingly.

Helpdesk Team.

How you know this is a Phishing Scam:

The sender's email address is not a UChicago email address and there is no contact information which would allow the recipient to call or write to verify the authenticity of the email.

The email contains an unsolicited attachment that contains a link, that potentially leads to a phishing or malware site.  Attachments of this nature are sometimes used to bypass your antivirus software. Beware of opening attachments, especially if you aren't expecting it or it comes from someone you do not know.

From: prime@e.updating.ca
To: redacted@uchicago.edu
Date: Thu, 9 Feb 2017 04:21:07 +0300
Subject: Update_Your_Account_Amazon

Body:

DEAR AMAZON.COM CUSTOMER

Amazon is pleased to inform our customers of online shopping that we have successfully upgraded to a more secure and encrypted SSL servers to serve our esteemed customers for a better and more efficient services in this year.

Due to this recent upgrade you are requested to update your account information by following the reference below using our new secure and safe SSL servers. To validate new secure and safe SSL servers Click on UPDATE YOUR AMAZON ACCOUNT <http://serafimsosh1.ru/prime.php>

This will help protect you in the future. The process does not take more than 3 minutes. To proceed to confirm your account information please click on the link below and follow the instructions that will be required.

Thank you,
Amazon Online Shopping Team

How you know this is a Phishing Scam:

This phish tries to put the recipient at ease by telling them that they have secured their website for the customer's own protection, so trust them.  However, nothing about this phish is to be trusted. 

The sender's email address is not a UChicago email address and there is no contact information which would allow the recipient to call or write to verify the authenticity of the email. Also, this phish contains a link that does not go to an Amazon domain. The poor phrasing in the subject is also an attempt to evade email filters - another red flag.