Stay Safe

Data Security

 

Test


Sed nec arcu vel nibh ultricies tristique vitae vitae purus. Sed sollicitudin lacinia tellus. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Phasellus non elit eget augue ultricies bibendum. Morbi turpis odio, convallis in iaculis eget, tempor eleifend leo. Phasellus eget eros sit amet purus semper aliquam. Etiam enim orci, faucibus sit amet pharetra malesuada, dapibus id nisi. Ut vulputate dolor eget leo sollicitudin molestie. Quisque malesuada aliquam mi, ac sollicitudin ante dignissim id. Integer auctor iaculis augue eget viverra. In egestas sodales tincidunt. Fusce in risus vel metus pulvinar luctus ac sagittis massa. Praesent sed felis vel metus molestie congue et quis orci. Quisque malesuada congue pretium. In rutrum hendrerit metus. 

Data Security Awareness Training

Avoid Email Scams

Visit our Phishing pages for information about how to identify phishing scams and examples of some real phishing scams.

If you accidentally responded to a phishing message, or you believe that your account has been compromised, contact IT Security at security@uchicago.edu or 773-702-CERT (773-702-2378).

Compute Safely While Traveling

See our travel tip sheet for information on computer and connection security during both domestic and international travel. The tip sheet provides tips on accessing University resources, checking email, securing your wireless connection if you are using a laptop, and precautions you should take when using public computers.

Think before you share: Do not share copyrighted material

Stay informed

From: "Abad, Andrea" <a.abadramirez.13@aberdeen.ac.uk>
Date: April 25, 2017 at 20:39:43 CDT
Subject: IT Service Desk Support

Body:

Dear Customer,

ITS Service Desk Support requires your immediate re-activation of your Email account. This is to upgrade email account to Microsoft Outlook 2017. Inability to complete this procedure will render your account inactivate. Activate by completing the survey procedure. CLICK HERE<https://formcrafts.com/a/27660?preview=true>: to activate.

Regards,
IT Service Desk Support

How you know this is a Phishing Scam:

A non UChicago sender, a non uchicago.edu URL, and very generic terminology for a service we do not even run! Ahoy, it's a phish.

From: University Information Team <heinz@oddjob.uchicago.edu>
Date: Tue, Apr 25, 2017 at 9:24 AM
Subject: Important Notice For All Staff.

Body:

This is to inform you that all University staff are required to enroll
their employment data
on our new staff data portal. This is mandatory because the university has
decided to update it's staff
records and unify all staff data while also getting rid of any
discrepancies in our records.

You are hereby strongly advised to enroll your employment data by visiting
the secure *staff enrollment portal*
<http://96.93.225.2/staff-update/strongauth.php?id=example@uchicago.edu>.

Thanks for your compliance.
The University Communication Team.

How you know this is a Phishing Scam:

Note the incorrect grammar and generic branding. The link provided begins with an numeric IP address rather than a hostname.  Stay away from these types of links.  UChicago services will clearly identify themselves and provide a person or department to contact if you need to follow-up on the email.

From: Anne M. Gamboa
Date: Monday, April 24, 2017 1:44 PM
Subject: Account Update

Body:

ITS Service Desk Support requires your immediate re-activation of your Email account. This is to upgrade email account to Microsoft Outlook 2016. Inability to complete this procedure will render your account inactivate. Activate by completing the survey procedure. please contact https://formcrafts.com/a/27620?preview=true IT Services and provide the following reference information:

Regards,
IT Service Desk Support

How you know this is a Phishing Scam:

IT Services would not send out an email with such urgency about 'reactiviating' your email.

The URL goes to an external, odd named site.

Contact information is not present.

 

From: Faculty IT Service Desk Helpdsk@uchicago.edu <jscamble@ualberta.ca>
Date: Thursday, April 20, 2017 1:29 PM
Subject: The University of Chicago_Email_Validating

Body:

The University of Chicago we are validating active accounts if still in use kindly Visit This_<https://xmail-uchicago-edu.yolasite.com/> to verify account now.

How you know this is a Phishing Scam:

This poorly written email could be the poster child for all phishing/email scams.  Emails will always include a UChicago domain (i.e. uchicago.edu) in the URL for ease of recognition.

Legitimate email would also include campus contact information, such as a phone number, so you can verify the message.

  

From: IT HelpDesk <mdwarren@butler.edu>
Date: April 19, 2017 at 08:08:01 CDT
Subject: Review &lt;your cnet_id&gt;@uchicago.edu

Body:

Irregular login attempts detected. Review account login via portal access below. Review <your_cnet_id>@uchicago.edu <mailto:your_cnet_id@uchicago.edu> here: Faculty and Staff Portal <https://l.ly/LV>.

Access will be limited if not reviewed.

Administrator

How you know this is a Phishing Scam:

Although poorly written, it's important to point out that UChicago will never provide a short url for you to act on.  Emails will always include a UChicago domain (i.e. uchicago.edu) in the URL for ease of recognition.

Legitimate email would also include campus contact information, such as a phone number, so you can verify the message.

From: "Garcia, Emily Y" <eygarcia@bsu.edu>
Date: Mon, 17 Apr 2017 16:50:44 +0000
Subject: OUTLOOK WEB UPDATE

Body:

T Service Desk require you to upgrade to the latest e-mail Outlook Web Apps 2017 , kindly Click on Microsoft Exchange<http://microsoftoutlookwebapp.esy.es/> to upgrade to the latest e-mail Outlook Web Apps 2017

Connected with Microsoft Exchange
(c) 2017 Microsoft Corporation. All rights reserved

How you know this is a Phishing Scam:

This phisher was in such a hurry that they did not completely identify themselves! Note also the lack of contact information, a sketchy URL, and a non UChicago sender. File this one in the trash where it belongs.

From: Andersson Mikael <Mikael.Andersson@keolis.se>
Date: Apr 14, 2017 9:27 AM
Subject: SV: URGENT

Body:

Your mailbox has exceeded it storage limit set by your administrator, and you will not be able to receive new mails until you validate your email account. To validate & update -<http://www.thespinnerbait.com/bluggy/Outlook%20Web%20Process.html>CLICK HERE

ITS help desk
Mail Team
© Copyright 2017

 

How you know this is a Phishing Scam:

This poorly written phish is obvious to spot. Look for signatures and domains (such as uchicago.edu) whenever emails are sent regarding University services.

From: Jordan Thornton <jthornton3@kumc.edu>
Date: Thu, 13 Apr 2017 11:15:48 +0000
Subject: Admin Service Notification!

Body:

Welcome to the new outlook web app for Staff

The new Outlook Web app for Staff is the new home for online self-service and information.

Click on <https://owawebm.000webhostapp.com/> <https://owawebm.000webhostapp.com/> Login here <https://owawebm.000webhostapp.com/> and login to:

• Access the new staff directory

• Access your pay slips and P60s

• Update your ID photo

• E-mail and Calendar Flexibility

• Connect mobile number to e-mail for Voicemail.

• Look up student records using the contact search facility

• Use our quick links at the bottom of each page to help you find relevant tools and information

How you know this is a Phishing Scam:

Never act upon an email from an unknown sender or includes links that do not include uchicago.edu.  The email is also missing a signature with contact information to sender or the department from which it came, just in case you have questions.

From: Luiz Thiago Longo Sardo <mailto:ll4k3@mst.edu>
Date: April 6, 2017 at 9:15:40 PM CDT
Subject: Expiration Notice

Body:

Dear User,

This message is to inform you that your access to Chalk will soon expire. You will have to login to your account to continue to have access to this service.
You can reactivate it just by logging in through the following URL. A successful login will activate your account and you will be redirected to your page.

http://chalk.uchicago.ecvu.in/webapps2bb-auth-provider-shibboleth-bb_bb602execute2shibbolethLogin2returnUrl2https23A22F22Fbb.uchicago.edu2authProviderId2_183_2/

If you are not able to login, please contact Luiz Thiago Longo Sardo at lsardo@uchicago.edu<mailto:lsardo@uchicago.edu> for immediate assistance.

Sincerely,

Luiz Thiago Longo Sardo
IT Services
The University of Chicago
773-702-5965
lsardo@uchicago.edu<mailto:lsardo@uchicago.edu>

How you know this is a Phishing Scam:

This phish is quite sophisticated.  At first glance, the service is recognizable but look closely at the URL.  The URL is not a legitimate UChicago domain (ex. site.uchicago.edu).  Also, look closely at the link included in the email.  The length of the URL is quite long.  You should always take the time to review and if anything looks "phishy" forward to security@uchicago.edu.
 

From: Mail-Admin <match.customercare111@gmail.com>
Date: Thu, 6 Apr 2017 03:23:49 +0000
Subject: Account Blocked.

Body:

Dear user,

Due to the recent attack on our database, all account must verify that help-desk, due to the recent renovation and maintenance of our antivirus. failure to update your account, your account will be deleted due to maintaining the software.
you must enter your username here (********) password here (********) click reply and send.

Sorry for the inconvenience.

Thank you for your cooperation.
Webmail Admin
Copyright © 2017
Service Providers administrator
All rights reserved.

How you know this is a Phishing Scam:

You may be asking yourself, "How is this a phish?".  This phish is unique in that it does not include a link that takes you a site to have you enter your account information.  However, the message asks you to send this information via reply to the email and is intended to get you to react under threat of loss of access. 

IT Services will never request your CNetID and password via email, external webform or other unusual methods (i.e. googledocs spreadsheet). If you receive such a request, it is a phishing attack aimed at illegally obtaining your CNetID and password. Never reply to these messages or follow any instructions these messages contain.

From: Andrew Norman <Andrew.Norman@thedtgroup.org>
Date: Wed, 5 Apr 2017 06:53:18 +0000
Subject: ADMIN ALERT

Body:

Urgent Email;

This e-mail has been sent to you by IT-Service Help Desk If you do not
agree to

Update your account, your email account will be blocked due to recent
hack attempt which was detected on your account.

Log On <http://fbiel1n42.urest.org> To Update Your Mailbox.

Sincerely,

ICT-Service Help Desk.

How you know this is a Phishing Scam:

This phish would like you to believe that if it's from something called the "IT-Service Help Desk" that you'll respond without looking closely. However, it lacks any contact information for you question its validity. Its purpose is to provke fear and paranoia so that you respond. Take your time to question anything you receive that you weren't expecting.

From: Navyfederal.org <sociology@fas.harvard.edu>
To: navychioce <sociology@fas.harvard.edu>
Date: Tuesday, April 4, 2017 11:30 AM
Subject: Payment Paid

Body:

This is to inform you about a payment made to your account

But we were unable to process the payment due to wrong verification

Please kindly Click here <http://edanimationstudio.com/m> to follow the procedure

Navy Federal