Stay Safe

Data Security

 

Test


Sed nec arcu vel nibh ultricies tristique vitae vitae purus. Sed sollicitudin lacinia tellus. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Phasellus non elit eget augue ultricies bibendum. Morbi turpis odio, convallis in iaculis eget, tempor eleifend leo. Phasellus eget eros sit amet purus semper aliquam. Etiam enim orci, faucibus sit amet pharetra malesuada, dapibus id nisi. Ut vulputate dolor eget leo sollicitudin molestie. Quisque malesuada aliquam mi, ac sollicitudin ante dignissim id. Integer auctor iaculis augue eget viverra. In egestas sodales tincidunt. Fusce in risus vel metus pulvinar luctus ac sagittis massa. Praesent sed felis vel metus molestie congue et quis orci. Quisque malesuada congue pretium. In rutrum hendrerit metus. 

Data Security Awareness Training

Avoid Email Scams

Visit our Phishing pages for information about how to identify phishing scams and examples of some real phishing scams.

If you accidentally responded to a phishing message, or you believe that your account has been compromised, contact IT Security at security@uchicago.edu or 773-702-CERT (773-702-2378).

Compute Safely While Traveling

See our travel tip sheet for information on computer and connection security during both domestic and international travel. The tip sheet provides tips on accessing University resources, checking email, securing your wireless connection if you are using a laptop, and precautions you should take when using public computers.

Think before you share: Do not share copyrighted material

Stay informed

From: Microsoft.com Account Team <stwil@hotmail.com>
To: <accountrestore@microsoft.com>
Date: Friday, August 18, 2017 5:35 AM
Subject: Verify Account activities

Body:

[https://image.ibb.co/enJwsv/agenda_icon.png]

Your Mailbox Was Recently Accessed From :
179.54.28.2

If This Wasn't You ,Please Report This Login Attempt By Clicking Here My activities<http://www.smarturl.it/aedupt>

Thanking You
Outlook Team

************************************************************
This is an Administrative Message from Microsoft. It is
not spam. From time to time, Microsoft will send you such
messages in order to communicate important information about
your subscription.
************************************************************

From: Jaroslav Stetkevych <jaroslav@uchicago.edu>
Date: Friday, August 18, 2017 8:29 AM
Subject: Email quota maintenance

Body:

Dear User

Your email account mailbox requires immediate update. (Reason: Quarterly quota maintenance). To update your email account, please CLICK HERE<https://updtemailbox.000webhostapp.com/> immediately for reactivation of your web-mail Account.

Regards

Admin Help Desk

How you know this is a Phishing Scam:

IT Services would never sent such an 'immediate' email -- pressing you to act quickly is a tactic phishers use. There is NO contact information to verify this message, which is another phishing tactic. The URL to 'CLICK' is not a University URL. 'Admin Help Desk' is generic. Delete this email scam!

 

From: Uchicago IT Security <kelvindominic600@gmail.com>
Date: 17 August 2017 18:16
Subject: Shutting down !!!

Body:

DEAR USER,
YOUR UCHICAGO ACCOUNT ERROR.
WE ARE SORRY TO INFORM THAT YOUR UCHICAGO ACCOUNT HAS DEVELOPED ERROR
IN THE DATABASE AND IT IS SHUTTING DOWN ANY MOMENT FROM NOW. WE SENT
THIS NOTIFICATION TO YOU SINCE YESTERDAY BUT NO RESPONSE HAS BEEN
RECEIVED.

THIS IS THE LAST TIME. YOU ARE REQUIRED TO REPLY INSTANTLY TO ENABLE
US CORRECT THIS ERROR AT ONCE. PROVIDE THE FOLLOWING.

YOUR FULL NAMES:..
YOUR DATE OF BIRTH:..
YOUR PASSWORD:..
YOUR CITY:..

WE LOOK FORWARD TO HEARING FROM YOU NOW.

SINCERELY,
UNIVERSITY OF CHICAGO IT SECURITY

©2017 The University of Chicago


How you know this is a Phishing Scam:

Take note, the sender says Uchicago IT Security but is not from a UChicago email address. This is your first clue that that this is a phish. Although it lacks the sophistication of the phish we see today, its goal is the same...to steal your identity! There is also no contact information provided to the recipient if you have any questions about this email.

Do not fall for this scam. Delete this email immediately.

From: hzuo@uchicago.edu
Date: August 17, 2017 at 11:33:47 AM CDT
Subject: Important: IT Security Presents – Protect Your Credentials – Attackers Want You!!

Body:

Dear Members of The University of Chicago and Community,

 

We have recently updated University of Chicago Email Servers to improve security and efficiency, hence all users are advised to update their account to comply with the new server requirements. All members are advised to read through shared document.

 

Failure to update might process your account as inactive, and you may experience interruption of services or undue errors. Please comply.

 

Thank you,

 

Leilani Lauger

Interim Executive Director, Information Security

    and Chief Information Security Officer

Information Technology Services

The University of Chicago

From: Jerry Allen <mailto:Jerry.Allen@transwestern.com>
Date: Wednesday, August 16, 2017 10:37 AM
Subject: IMMEDIATE ACTION REQUIRED: University of Chicago Document To All Employees From President Robert Zimmer - August 16, 2017

Body:

 

A message from Robert Zimmer, President of the University of Chicago:

Dear Staff and faculty,

Attached is the employee strategic initiatives document update.

It's of high importance all staffs read through on what improves the employee strategic.

Sincerely,

Robert Zimmer
President & Chief Executive Officer
Rzimmer@uchicago.edu<mailto:Rzimmer@uchicago.edu>
University of Chicago

 

How you know this is a Phishing Scam:

This phish is sent from a non-UChicago email address and is signed by a prominent figure at the University of Chicago - this is a huge red flag. It is also missing contact information that would allow you to reach his office with any questions regarding its validity.

In addition, the subject states immediate action is required, but the message is very vague. This is a common tactic used by phishers to get the recipient to let down their guard and act on the email. This is a scam! Do not open attachments when you are not sure of the sender. Delete this phish.
 

From: "CRAVEN, Richard (WIRRAL UNIVERSITY TEACHING HOSPITAL NHS FOUNDATION TRUST)" >rich.craven@nhs.net<
To: undisclosed-recipients:;
Date: Fri, 11 Aug 2017 14:05:39 +0000
Subject: Dear Valued Member,

Body:

Dear Valued Member,

Due to the congestion in all users accounts, Would be shutting down all unused accounts. click here to activatehttps://www.sendimate.com/outlook/Docusign/outlook/index.html Your account Now. Or Open the Link below

System Help desk,

(c)Copyright 2017 ******************************************************************************************************************** This message may contain confidential information. If you are not the intended recipient please inform the sender that you have received the message in error before deleting it. Please do not disclose, copy or distribute information in this e-mail or take any action in relation to its contents. To do so is strictly prohibited and may be unlawful. Thank you for your co-operation. NHSmail is the secure email and directory service available for all NHS staff in England and Scotland. NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and other accredited email services. For more information and to find out how you can switch, https://portal.nhs.net/help/joiningnhsmail

How you know this is a Phishing Scam:

The long signature block on this account easily telegraphs something is wrong here: this is a compromised NHS email address being used to send phishing emails.

The link is also very strange and not a University site, and there's no real individual to contact to verify this message is authentic.

Phish rating: -5 out of 10.

From: Sinan Shukur >sinan.shukur@mq.edu.au<
To: Undisclosed recipients:;
Date: August 10, 2017 at 18:15:22 CDT
Subject: Email quota maintenance

Body:

Dear User

Your email account mailbox requires immediate update. (Reason: Quarterly quota maintenance). To update your email account, please CLICK HERE<https://haviquest.000webhostapp.com/> immediately for reactivation of your web-mail Account.

Regards

Admin Help Desk

How you know this is a Phishing Scam:

This is one of the weaker scam attempts we have seen recently:

1. Not a University sender.

2. Not a University website link.

3. Not something we'd ever ask you to do.

4. Not something that's well-written.

5. Email includes no University contact information that can be used to validate the legitimacy of the message.

Overall spam rating: -4 out of 10.

From: IT Admin <mailto:lokesh5377@irctc.com>
Date: Wednesday, August 02, 2017 4:34 PM
Subject: Your E-mail Re-Activate....To Avoid closed down

Body:

This is to notify all Students, Staffs of University that we are validating active accounts.
Kindly confirm that your account is still in use by clicking the validation link below:

Validate Email Account<http://167.114.27.228/~paladar/owa.html?https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002>

Sincerely
IT Help Desk
Office of Information Technology.

How you know this is a Phishing Scam:

This is the typical email you would see from phishers out to obtain your UChicago email credentials. It is very vague and does not provide any contact information if you were to have any questions like, "Why are you asking me to validate my email account?" The link included in the phish is suspicious, as well. The link does not have a recognizeable UChicago domain (i.e. uchicago.edu) and should not be clicked. This is a scam and should be deleted.

From: Microsoft.com Customer Services <mailto:Microsoftteam.com@servicesmicrosoft.com>
Date: Monday, July 31, 2017 7:51 AM
Subject: Important Changes to Microsoft Services Agreement

Body:

Microsoft account

Dear Microsoft Customer,

We've updated the Microsoft Services Agreement,which governs many of our online services - including your Microsoft account and many of our online products and services for consumers, such as Outlook, SkyDrive, Bing, MSN, Office.com, Windows Live Messenger, Windows Photo Gallery, Windows Movie Maker, Windows Mail Desktop, and Windows Writer.

Please Click on the link below to continue using The new Microsoft Services.

New Service<http://www.smarturl.it/gzqy8l>

The updated agreement will take effect on August 1, 2017. If you continue to use our services after July 31th, You have to Click on the New Service Link to avoid Suspension of your account.

.The case number Is 1321184019.

Please note that this invitation will expire soon. Please Verify before 1 Aug 2017.

Thank you for your valuable feedback and time.

Your Microsoft Team

How you know this is a Phishing Scam:

Even though this phish is not purporting to be an UChicago service, it is likely that the recipient of the phish may use one of the listed Microsoft applications. The intent here is that you recognize the application and respond without thinking about it. This phish also uses an URL shortener so you cannot tell where this link will take you if you click on it.

Even though this email includes a case number there is no real person to contact should the recipient have any questions.

Delete this phish right away. You have more important things to do with your time.

From: Arabella Zhao >Arabella.Zhao@murdoch.edu.au<
To: Arabella Zhao >Arabella.Zhao@murdoch.edu.au<
Date: Monday, July 31, 2017 9:36 AM
Subject: Our network maintenance has be scheduled today

Body:

930 MB

950 MB

Your mailbox have exceeded the set quota limit, also note that Our network maintenance has be scheduled today. To ensure your access continues uninterrupted, visit the staff portal below to validate your account and sign on to; . Faculty And Staff E-mail https://email-uchospitals-edu-owa-web-app-edu.000webhostapp.com

* Access the new Faculty & Staff directory
* Pay bills access your pay slips and POS
* Access screen saver timer and password
* Update your ID photo

IT Service Desk - 8-HELP, Tech Hub

How you know this is a Phishing Scam:

This is a commonly abused and re-used site that phishers abuse for hosting their forms. Beware any generic and scary links like this that ask you to visit a non-UChicago site and verify information.

From: eMAIL sERVICE <alisher.mirsobitov@mdis.uz>
To: me <alisher.mirsobitov@mdis.uz>
Date: Thu, 27 Jul 2017 12:47:35 -0400
Subject: Your Webmail/Domain Name Will Be Terminated /Last Warning

Body:

Dear Web/Damain User, You are required to authenticate your account below to continue sending and receiving messages. We strongly advice you to upgrade now to protect your web/Domain and avoid termination. Click verify your email below: Verify your email http://jar.ma/2jU02N This helps protects your account Thanks! Web/DomainTeam © 2016Web/DomailTeam

How you know this is a Phishing Scam:

The truly awful typos and spelling in this phish give it away, as well as the use of a suspicious URL shortener.  But, one might ask, WHY is the spelling so bad?  Surely phishers can write well!

They can, but this kind of mangled text gets by automated scans more easily in some cases... and it looks close enough to readable that people fooled will still follow the instructions.

Don't be fooled!

From: "Perrin, Whitney" <whitney.perrin@ndsu.edu>
Date: July 24, 2017 at 14:29:04 CDT
Subject: E-mail Validation: University of Chicago

Body:

 

This is to notify, all Students and Staffs of University of Chicago we are validating an active accounts.

 

Kindly confirm that your account is still in use by clicking the validation link below:

 

<http://dgdfgdfs/>

Validate Email Account  <http://smkn1gedangsari.sch.id/oficio365id/office/index.html>

 

Sincerely

IT Help Desk

Office of Information Technology

The University of Chicago

© 2017, The University of Chicago; IT Services <http://answers.uchicago.edu/>

How you know this is a Phishing Scam:

Odd grammar.  Site it asks you to go to is not University of Chicago.  The sender is not even pretending to be a University of Chicago account, so it's likely compromised.  No true contact information, such as a phone number.  This is a scam.  Don't take the bait!  Delete it now.